(54) CERTIFICATION DATA GENERATING DEVICE

(57)Abstract: 

PROBLEM TO BE SOLVED: To pre-pay access 
qualification to purchase or rent without imposing any 
surplus load on a certification data generating device 
side. 

SOLUTION: A pre-paid purchase ticket T2 is stored in an 
access ticket storing part 13. Next, (Tr, n2) is inputted to 
a certification data-inputting part 14. A use condition
judging part 15 extracts a corresponding access ticket 
(t2, L2, n2), checks whether or not a use condition L2 is 
fulfilled, and reduces frequency information V, when the 
use condition is fulfilled. A certification data generating 
and outputting part 16 calculates certification data R by 
using auxiliary certification decision (t2) and the use
condition L2 extracted by the use condition decision part
15 and (du) read from a user specific information storing part 11, and outputs T1. A user
performs access to a program in a purchase state or a rent state by using the T1.
* NOTICES *

JPO and INPIT are not responsible for any 
damages caused by the use of this translation. 

1. This document has been translated by computer. So the translation may not reflect the original 
precisely. 

2. **** shows the word which can not be translated. 
3. In the drawings, any words are not translated. 



CLAIMS 



[Claim(s)] 

[Claim 1] In the certification data generation equipment which is generated in order to attest a user's 
access rating, and generates the certification data which have justification verified A data input means 
for authentication to input the data for authentication, and a user proper information storage means to 
memorize a user's proper information, The auxiliary information for certification which performed and 
generated predetermined count to a user's proper information, the description information on access
rating authentication, and the use condition information that described the access condition, An auxiliary 
information set storage means for certification to memorize the auxiliary information set for certification 
containing a group with use condition information, The auxiliary information set for certification 
corresponding to the inputted data for authentication is taken out from the above-mentioned auxiliary 
information set storage means for certification. The above-mentioned picking when it is judged as 
continuation in the use conditional-judgment means and the above-mentioned use conditional-judgment 
means of judging whether subsequent processings being continued, according to the use condition 
information on the taken-out auxiliary information set for certification The above-mentioned picking
The taken-out auxiliary information set for certification, and the data for authentication inputted from 
the above-mentioned data input means for authentication. Perform predetermined count to the
above-mentioned user's proper information memorized by the above-mentioned user proper information
storage means, and it has a certification data generation output means to generate and output 
certification data. From the above-mentioned data input means for authentication, the auxiliary 
information set for encryption certification which enciphered the 1st auxiliary information set for 
certification with the encryption key in a code function is inputted. The above-mentioned use 
conditional-judgment means The 2nd auxiliary information set for certification corresponding to the 
inputted auxiliary information set for encryption certification is taken out from the above-mentioned 
auxiliary information set storage means for certification. After performing predetermined processing 
according to the use condition information on the 2nd auxiliary information set for certification taken 
[ above-mentioned ] out picking, it judges whether subsequent processings are continued. The above- 
mentioned certification data generation output means Certification data generation equipment 
characterized by outputting the 1st auxiliary information set for certification which is the result of 
decrypting the above-mentioned auxiliary information set for encryption certification by performing the 
above-mentioned processing. 

[Claim 2] Certification data generation equipment according to claim 1 currently held in a defense 
means to close at least that the above-mentioned user proper information storage means, the above- 
mentioned use conditional-judgment means, and the above-mentioned certification data generation 
output means observe internal data and processing procedure from the outside if .
[Claim 3] It has a frequency information maintenance means to hold electronic frequency information 
furthermore. To the above-mentioned use condition information The number of availabilities which 
should be paid when it uses is included. The above-mentioned use conditional-judgment means The
electronic frequency information currently held at the above-mentioned frequency information
maintenance means is compared with the number of availabilities contained in the above-mentioned use
condition information. The frequency for several availability minutes contained in the above-mentioned 
use condition information from the electronic frequency information currently held for the above- 
mentioned frequency information maintenance means only at the time more than the number of 
availabilities by which the electronic frequency information currently held at the above-mentioned 
frequency information maintenance means is included in use condition information is reduced. 
Certification data generation equipment according to claim 1 or 2 which makes judgment of continuing 
subsequent processings. 

[Claim 4] The number of availabilities which the number of availabilities contained in the 1st use 
condition information contained in the auxiliary information set for certification of the above 1st is zero 
frequency, and is contained in the 2nd use condition information contained in the auxiliary information 
set for certification of the above 2nd is certification data generation equipment according to claim 3
characterized by being except zero. 

[Claim 5] It is certification data generation equipment according to claim 1, 2, 3, or 4 which makes 
judgment of continuing subsequent processings only when it has the clock in which time of day is 
furthermore shown, and expiration date information is further indicated by the 1st use condition 
information contained in the auxiliary information set for certification of the above 1st, the above- 
mentioned use conditional-judgment means compares the above-mentioned time of day and the above- 
mentioned expiration date information with it and this time of day is within an expiration date. 
[Claim 6] Certification data generation equipment according to claim 1, 2, 3, 4, or 5 constituted at least 
as a small arithmetic unit which means other than the above-mentioned auxiliary information set storage 
means for certification can carry. 

[Claim 7] In the access rating authentication equipment which attests the above-mentioned user's access 
rating by verifying the justification of the certification data generated in order to prove a user's access 
rating The 1st storage means which memorizes the data for authentication, and the 2nd storage means 
which memorizes a user's proper information, The 3rd storage means which memorizes the auxiliary 
information for encryption certification which enciphered and generated the 1st auxiliary information for 
certification which performed and generated predetermined count to the above-mentioned user's proper 
information, and the description information on access rating authentication, As opposed to the above- 
mentioned user's proper information, the decode key of the above-mentioned encryption, and the use 
condition information that described the access condition The 4th storage means which memorizes the 
2nd auxiliary information set for certification which consists of the 2nd auxiliary information for 
certification which performed and generated predetermined count, and the above-mentioned use 
condition information, When it judges that a means to judge whether predetermined processing is 
continued according to the above-mentioned use condition information included in the auxiliary 
information set for certification of the above 2nd memorized by the storage means of the above 4th, and 
the above-mentioned predetermined processing are continued The above-mentioned auxiliary 
information for encryption certification memorized by the storage means of the above 3rd, A means to 
perform predetermined count to the above-mentioned user's proper information memorized by the 
storage means of the above 2nd, and the auxiliary information set for certification of the above 2nd 
memorized by the storage means of the above 4th, and to restore the auxiliary information for 
certification on the above 1st, The above-mentioned data for authentication memorized by the storage 
means of the above 1st, and the above-mentioned user's proper information memorized by the storage 
means of the above 2nd, Access rating authentication equipment characterized by having a means to 
perform predetermined count to the auxiliary information for authentication on the restored above 1st, 
and to generate certification data, and a means to verify the generated above-mentioned certification 
data. 

[Claim 8] In the access rating authentication equipment which attests the above-mentioned user's access 
rating by verifying the justification of the certification data generated in order to prove a user's access 
rating The 1st storage means which memorizes the data for authentication, and the 2nd storage means 
which memorizes a user's proper information, The 1st auxiliary information for certification which
performed and generated predetermined count to the above-mentioned user's proper information, the
description information on access rating authentication, and the 1st use condition information that 
described the access condition, The 3rd storage means which memorizes the auxiliary information set 
for encryption certification which enciphered and generated the 1st auxiliary information set for
certification which consists of use condition information on the above 1st, As opposed to the above- 
mentioned user's proper information, the decode key of the above-mentioned encryption, and the 2nd 
use condition information that described the access condition The 4th storage means which memorizes 
the 2nd auxiliary information set for certification which consists of the 2nd auxiliary information for 
certification which performed and generated predetermined count, and use condition information on the
above 2nd, A means to judge whether the 1st processing is continued according to the use condition 
information on the above 2nd included in the auxiliary information set for certification of the above 2nd 
memorized by the storage means of the above 4th, and when it judges that the 1st above-mentioned 
processing is continued The above-mentioned auxiliary information set for encryption certification
memorized by the storage means of the above 3rd, A means to perform predetermined count to the 
above-mentioned user's proper information memorized by the storage means of the above 2nd, and the 
auxiliary information set for certification of the above 2nd memorized by the storage means of the above 
4th, and to restore the auxiliary information set for certification of the above 1st, A means to judge
whether the 2nd processing is continued according to the use condition information on the above 1st 
included in the auxiliary information set for certification of the restored above 1st, and when it judges 
that the 2nd above-mentioned processing is continued The above-mentioned data for authentication 
memorized by the storage means of the above 1st, and the above-mentioned user's proper information 
memorized by the storage means of the above 2nd, Access rating authentication equipment characterized 
by having a means to perform predetermined count to the auxiliary information set for certification of 
the restored above 1st, and to generate certification data, and a means to verify the generated above- 
mentioned certification data. 

[Claim 9] In the access rating authentication approach which attests the above-mentioned user's access 
rating by verifying the justification of the certification data generated in order to prove a user's access 
rating The 1st step which memorizes the data for authentication, and the 2nd storage step which
memorizes a user's proper information, The 1st auxiliary information for certification which performed 
and generated predetermined count to the above-mentioned user's proper information, the description 
information on access rating authentication, and the 1st use condition information that described the 
access condition, The 3rd step which memorizes the auxiliary information set for encryption 
certification which enciphered and generated the 1st auxiliary information set for certification which 
consists of use condition information on the above 1st, As opposed to the above-mentioned user's proper 
information, the decode key of the above-mentioned encryption, and the 2nd use condition information 
that described the access condition The 4th storage step which memorizes the 2nd auxiliary information 
set for certification which consists of the 2nd auxiliary information for certification which performed 
and generated predetermined count, and use condition information on the above 2nd, The step which 
judges whether the 1st processing is continued according to the use condition information on the above 
2nd included in the auxiliary information set for certification of the above 2nd memorized at the storage 
step of the above 4th, and when it judges that the 1st above-mentioned processing is continued The 
above-mentioned auxiliary information set for encryption certification memorized at the storage step of 
the above 3rd, The step which performs predetermined count to the above-mentioned user's proper 
information memorized at the storage step of the above 1st, and the auxiliary information set for 
certification of the above 2nd memorized at the storage step of the above 4th, and restores the auxiliary 
information set for certification of the above 1st, The step which judges whether the 2nd processing is 
continued according to the use condition information on the above 1st included in the auxiliary 
information set for certification of the restored above 1st, and when it judges that the 2nd above- 
mentioned processing is continued The above-mentioned data for authentication memorized at the 
storage step of the above 1st, and the above-mentioned user's proper information memorized at the 
storage step of the above 2nd, The access rating authentication approach characterized by having the 
step which performs predetermined count to the auxiliary information set for certification of the restored
above 1st, and generates certification data, and the step which verifies the generated above-mentioned 
certification data. 

[Claim 10] In the auxiliary information generation equipment for certification which generates the 
auxiliary information for certification that it uses for the access rating authentication equipment which 
attests the above-mentioned user's access rating by verifying the justification of the certification data 
generated in order to prove a user's access rating A means to perform predetermined count and to 
generate the 1st auxiliary information for certification to a user's proper information, the description 
information on access rating authentication, and the 1st use condition information that described the 
access condition, A means to encipher the 1st auxiliary information set for certification which consists 
of auxiliary information for certification on the above 1st, and use condition information on the above 
1st, As opposed to the above-mentioned user's proper information, the decode key of the
above-mentioned encryption, and the 2nd use condition information that described the access condition
Auxiliary information generation equipment for certification characterized by to have a means generate 
and output the complex auxiliary information for certification from a means performs predetermined 
count and generate the 2nd auxiliary information for certification, and the 1st auxiliary information set
for certification which carried out [ above-mentioned ] encryption and the auxiliary information set for 
certification of the above 2nd. 

[Claim 11] In the auxiliary information generation method for certification which generates the auxiliary
information for certification that it uses for the access rating authentication equipment which attests the 
above-mentioned user's access rating by verifying the justification of the certification data generated in 
order to prove a user's access rating The step which performs predetermined count and generates the 1st 
auxiliary information for certification to a user's proper information, the description information on
access rating authentication, and the 1st use condition information that described the access condition, 
The step which enciphers the 1st auxiliary information set for certification which consists of auxiliary 
information for certification on the above 1st, and use condition information on the above 1st, The 
auxiliary information generation method for certification characterized by having the step which 
performs predetermined count and generates the 2nd auxiliary information for certification to the above- 
mentioned user's proper information, the decode key of the above-mentioned encryption, and the 2nd 
use condition information that described the access condition. 
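
The prepaid flow of claims 1 and 3 to 5, as an added example that is not part of the patent text: the card spends prepaid units once to unseal ticket T1 from a purchase ticket T2, then proves access with T1 at zero cost until it expires, keeping only du and V as state. The page says only "predetermined count", so F as HMAC-SHA256, the XOR masking, the toy seal/unseal, and the names Card, Ticket, issue, D and K are assumptions of this sketch.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass


def F(du: bytes, L: dict, n: str) -> bytes:
    # Assumed stand-in for the "predetermined calculation": HMAC-SHA256 over (L, n) keyed by du.
    msg = json.dumps(L, sort_keys=True).encode() + b"|" + n.encode()
    return hmac.new(du, msg, hashlib.sha256).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _stream(key: bytes, size: int) -> bytes:
    blocks = (hmac.new(key, b"ks" + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(size // 32 + 1))
    return b"".join(blocks)[:size]


def seal(key: bytes, plaintext: bytes) -> bytes:
    # Toy encrypt-then-MAC built from the standard library; each key seals exactly one ticket.
    ct = xor(plaintext, _stream(key, len(plaintext)))
    return hmac.new(key, b"tag" + ct, hashlib.sha256).digest() + ct


def unseal(key: bytes, blob: bytes) -> bytes:
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified ciphertext")
    return xor(ct, _stream(key, len(ct)))


@dataclass(frozen=True)
class Ticket:
    t: bytes   # auxiliary information for certification
    L: dict    # use condition, e.g. {"cost": 30} or {"cost": 0, "expires": 1000}
    n: str     # identifier used to look the ticket up

    def dump(self) -> bytes:
        return json.dumps({"t": self.t.hex(), "L": self.L, "n": self.n}).encode()

    @staticmethod
    def load(raw: bytes) -> "Ticket":
        d = json.loads(raw)
        return Ticket(bytes.fromhex(d["t"]), d["L"], d["n"])


def issue(du: bytes, secret: bytes, L: dict, n: str) -> Ticket:
    # Issuer side: hide a 32-byte secret (program key D or sealing key K) under F(du, L, n).
    return Ticket(xor(secret, F(du, L, n)), L, n)


class Card:
    """Certification data generating device; its only state is du and the prepaid units V."""

    def __init__(self, du: bytes, units: int):
        self._du = du
        self.units = units

    def _judge(self, L: dict, now: int) -> None:
        if "expires" in L and now > L["expires"]:
            raise PermissionError("ticket expired")
        if self.units < L.get("cost", 0):
            raise PermissionError("insufficient prepaid units")

    def unlock(self, T2: Ticket, sealed_T1: bytes, now: int = 0) -> Ticket:
        self._judge(T2.L, now)
        K = xor(T2.t, F(self._du, T2.L, T2.n))
        T1 = Ticket.load(unseal(K, sealed_T1))   # fails if L2 was altered: K comes out wrong
        # Example choice: commit the deduction only after unsealing succeeded.
        self.units -= T2.L.get("cost", 0)
        return T1

    def prove(self, T1: Ticket, challenge: bytes, now: int = 0) -> bytes:
        self._judge(T1.L, now)
        self.units -= T1.L.get("cost", 0)        # zero for a purchased or rented T1
        D = xor(T1.t, F(self._du, T1.L, T1.n))
        return hmac.new(D, challenge, hashlib.sha256).digest()   # certification data R


def sample():
    # Constructed values for the demonstration only.
    du = hashlib.sha256(b"constructed user secret").digest()
    D = hashlib.sha256(b"constructed program key").digest()
    K = hashlib.sha256(b"constructed sealing key").digest()
    T1 = issue(du, D, {"cost": 0, "expires": 1000}, "n1")   # rent: free to use until t=1000
    T2 = issue(du, K, {"cost": 30}, "n2")                    # prepaid purchase ticket
    return du, D, T2, seal(K, T1.dump())


if __name__ == "__main__":
    du, D, T2, sealed = sample()
    card = Card(du, units=50)
    T1 = card.unlock(T2, sealed, now=10)
    ok = card.prove(T1, b"nonce", now=20) == hmac.new(D, b"nonce", hashlib.sha256).digest()
    print("units left:", card.units, "proof valid:", ok)
```

Because the use condition is an input to F, editing a ticket's cost or expiry changes the recovered key instead of the terms of use, which is why the card needs no per-ticket registration record.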



DETAILED DESCRIPTION



[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to the certification data generation equipment which 
generates especially the above-mentioned certification data about the technique which attests a user's 
access rating by verifying the justification of the certification data generated in order to prove a user's 
authority. 
[0002] 

[Description of the Prior Art] The program execution control technique is known as advanced 
technology belonging to this invention and an isomerism field. The user who has tried activation of 
application inspects holding the key for authentication of normal, a program execution control technique 
embeds the routine for user authentication into ** application program, ** this routine restricts it, when 
existence of the key for the ** aforementioned authentication is checked, it continues a program, and 
when other, it is the technique which stops program execution. 

[0003] By using such a technique, execution of an application program can be limited to the
legitimate users who hold an authentication key. This technique is in practical use in the software
distribution business; products include SentinelSuperPro (trademark) of Rainbow Technologies, Inc.
and HASP (trademark) of Aladdin Knowledge Systems Ltd.

[0004] With these techniques, a software vendor encloses a user's authentication key with the memory in 
hardware severely, in order to prevent a duplicate, it is distributed to a user using a postal physical 
means, and a user equips with and uses this for a proprietary personal computer etc. 
[0005] These techniques must perform protection processing of a program based on this authentication 
key, after a programmer assumes beforehand the authentication key which a user has, when creating an 
application program. That is, only when the right reply from hardware with a built-in key is predicted at 
the time of a programming and a right reply is received, a programmer has to create a program so that a 
program may operate normally. 

[0006] The use gestalt of the conventional technique of having such a description becomes the following 
two kinds fundamentally. 

[0007] ** By the 1st approach, prepare a user's authentication key so that it may differ for every user. 
That is, every one different authentication key for every user is prepared for the user first like 
authentication **** at authentication **** and the user second. 

[0008] ** By the 2nd approach, a programmer prepares an authentication key which is different for 
every application, respectively. That is, every one authentication key which is different for every 
application like authentication **** is prepared for the application first at authentication **** and the 
application second, and each application program is created so that the authentication key of a proper 
may be identified. 

[0009] However, in any [ these ] case, it has a problem which is described below. 

[0010] In the case of the 1st approach, a programmer needs to change the authentication routine in a
program appropriately for every user, and needs to create a program. That is, since authentication keys
differ for every user, the authentication routine in a program must be created so that the authentication 
key of the user proper using this program may be identified, and a programmer needs to create the 
program from which only the number of use users differs. 

[0011] When the target users are a large number, the activity which changes a program an individual
exception for every user requires an effort intolerable for a programmer, and becomes what also has a 
huge list of user authentication keys which must be managed. 

[0012] In the case of the 2nd approach, the need of creating a program individually for every user like 
[ in the case of the 1st approach ] is lost, but as for a user, only the number of the applications to be used 
must hold an authentication key conversely. 

[0013] As for this constraint, the following problems are caused in a programmer and each user.
[0014] As mentioned above, it is necessary to distribute an authentication key to a user in the condition 
of having enclosed with hardware severely. Therefore, it cannot but depend for distribution of the 
hardware which builds an authentication key in that the program itself can be distributed simple through 
a network, and a contrast target on physical means, such as mail, this limit ~ cost, time amount, and the 
time and effort of packing ~ any ~ very much ~ a programmer ~ **** ~ it becomes a big burden. 
[0015] A programmer has to do the fixed number stock of the different hardware for every application 
so that he may meet the demand of a user, and he needs the cost of stock control.
[0016] Moreover, a user must be content with the complicatedness that hardware must be exchanged 
whenever it changes the application to be used. 

[0017] Though he wants to use application with a user, it must wait until the hardware with which the 
authentication key was enclosed arrives, and produces inconvenient [ in the point that it cannot use 
immediately ]. 

[0018] As a technique which solves this problem, these people have proposed the new access rating 
verification technique (current un-opening [ Japanese Patent Application No. No. 062076 / 08 to /, ] to
the public). 

[0019] The description information and user proper information on access rating authentication are 
made to become independent, and if the protection side and user side also prepares one proper 
information, he is trying to end by introducing the auxiliary information for certification (access ticket) 
by the proposal of Japanese Patent Application No. No. 062076 [ 08 to ]. 
[0020] An access ticket is data calculated based on a specific user's proper information, and the 
description information on access rating authentication, and is difficult to calculate the description 
information on access rating authentication for user proper information from an access ticket to not
knowing. And the data for right certification are calculated only within the case where the right 
combination of user proper information and an access ticket, i.e., the combination of the access ticket 
calculated based on user proper information and this user proper information, is inputted.
[0021] Therefore, access rating of users, such as execution control, can be attested by a user's holding 
proper information beforehand, and protection persons', such as a programmer's, preparing the 
description information on access rating authentication independently of the proper information which a 
user possesses, and creating an access ticket according to a user's proper information and the description 
information on access rating authentication used for creation of an application program etc., and 
distributing. 

[0022] Using this technique, it protects to an application program, a user is supplied widely, and the 
service which provides with an access ticket the user who wishes use of an application program can be 
considered.

[0023] Media, such as an IC card which enclosed different proper information for every user, are passed 
to the user who wishs, and a programmer distributes to a program using the description information on 
access rating authentication, protecting, and the ticket issue contractor who received commission in the 
user who wishes use of a program from the programmer or the programmer offers an access ticket.
[0024] When such service is considered, it becomes a problem how and when it charges. In the case of 
this example, in case an access ticket is published, the tariff which is equivalent to the price of a 
program in exchange for issue of a ticket can be collected.

[0025] By the way, when considering dealing service of the right of use of such a program, the gestalt of 
the following rights can be considered. 

** Purchase (purchase) : how to buy the right of use. Once it purchases, it can use eternally. Then, the 
tariff is the same in spite of not using. 

** Paper youth (pay-per-use) : it is also called the amount accounting of use. It is charged according to 
the used amount. 

** RENTO (rent) : purchase the right of use of a fixed period. If a term passes, it will become 
impossible to use. 

[0026] Although it is easy to realize a purchase when the technique of above-mentioned Japanese Patent 
Application No. No. 062076 [ 08 to ] is used, it is difficult to realize RENTO. 

[0027] Since it is necessary to record the log to the ticket used into a user's IC card in order for a user to 
submit use hope to a ticket issue contractor every, and ticket issue actuation is frequently needed 
upwards and to realize an access ticket usable once although a ticket issue contractor can be realized by 
publishing an access ticket usable once whenever it uses about a paper youth, it is not so realistic.
[0028] To this problem, these people have proposed introducing use control information into the rating 
authentication technique of an access ticket (current un-opening [ Japanese Patent Application No. No.
191756/08 to /, ] to the public). By the technique of Japanese Patent Application No. No. 191756 [ 08 
to ], in case use control information is introduced into Japanese Patent Application No. No. 062076 [ 08 
to ] and information is decrypted, this use control information is also used. As an example of use control 
information, the information on whether the available time the expiration date, the count of usable, and
total, the use upper limit amount of money, and the hysteresis of processing are taken etc. is indicated.
[0029] It is possible to realize RENTO, when use control information is the expiration date.
[0030] Moreover, in the case of the information that use control information takes the hysteresis of 
processing, the function near a paper youth is realizable by the approach of calculating the used count 
and charging it, by collecting the hysteresis and totaling in a fixed period. If the amount of use per time 
is furthermore indicated to use control information, it will become possible to realize a flexible paper 
youth. 

[0031] That is, by the technique of Japanese Patent Application No. No. 191756 [ 08 to ], the gestalt 
purchase, the paper youth, and RENTO of the right mentioned above can all be realized. 
[0032] Next, the approach of payment is considered. Following two can be considered as the approach 
of payment. 

[0033] ** How to pay at the time of ticket issue : how to pay, in case a ticket issue contractor publishes 
an access ticket. A tariff may be recorded by the case where it pays by electronic money, and the issue 
contractor side, and bank transfer etc. may liquidate. 

[0034] ** How to pay by prepaid one : a user purchases prepaid frequency beforehand, holds in the IC 
card etc., and pull down the frequency which corresponds from prepaid one in the time of purchase, or 
the case of use. 

[0035] If the technique of Japanese Patent Application No. No. 191756 [ 08 to ] is used, the gestalt 
purchase, the paper youth, and RENTO of the right mentioned above are all realizable by the approach 
of paying at the time of ** ticket issue.

[0036] On the other hand, by the approach of paying by ** prepaid, a paper youth can be realized easily, 
every [ that is, / given / the prepaid information currently held whenever it attests by indicating the 
amount of use per time to use control information to / in use control information / frequency ] - what is 
necessary is just to pull down.

[0037] However, it is the approach of paying by ** prepaid, and it is difficult to realize a purchase and 
RENTO. A purchase carries out accounting by prepaid one only to the first utilization time, and is 
because processing in which it does not charge is required for the utilization time of the 2nd henceforth. 
[0038] About a purchase, indicate the amount of acquisition of the right of use to use control
information, and it pulls down from the prepaid information which holds the frame to the first utilization
time. The information on the used this access ticket is registered into an IC card. To the utilization time
of the 2nd henceforth Whether the ticket which it is going to use is already registered into the IC card
checks, and when registered, it is also possible to realize with constituting so that it may not pull down
from prepaid information. However, since it cannot erase during the period, when [ very long ] using
many tickets, this registration information will run short of the storage capacity of an IC card, and is not
a not much realistic solution.

JP,11-032037,A [DETAILED DESCRIPTION]

[0039] Also in RENTO, the amount of a rental and an expiration date are indicated to use control 
information, although it is possible, similarly realizing by taking the same approach as a purchase will 
run short of the storage capacity of an IC card, and it is not a not much realistic solution. 
[0040] 

[Problem(s) to be Solved by the Invention] This invention is made in view of the above troubles, and it 
makes it a technical problem to make it possible to realize a purchase and RENTO also in the approach 
of paying by prepaid one, without covering an excessive load over a certification data generation 
equipment (IC card) side. 
[0041] 

[Means for Solving the Problem] According to this invention, in order to solve the above-mentioned
technical problem, certification data generation equipment, which generates certification data that are
produced in order to attest a user's access rating and whose justification is verified, is provided
with: a data input means for authentication, which inputs the data for authentication; a user proper
information storage means, which memorizes a user's proper information; an auxiliary information set
storage means for certification, which memorizes an auxiliary information set for certification
containing a group of the use condition information and the auxiliary information for certification
generated by performing a predetermined calculation on the user's proper information, the description
information on access rating authentication, and the use condition information which describes the
access condition; a use conditional-judgment means, which takes out the auxiliary information set for
certification corresponding to the inputted data for authentication from the above-mentioned auxiliary
information set storage means for certification and judges, according to the use condition information
in the taken-out auxiliary information set for certification, whether subsequent processing is
continued; and a certification data generation output means, which, when the above-mentioned use
conditional-judgment means judges continuation, performs a predetermined calculation on the taken-out
auxiliary information set for certification, the data for authentication inputted from the
above-mentioned data input means for authentication, and the user's proper information memorized by the
above-mentioned user proper information storage means, and generates and outputs certification data. An
auxiliary information set for encryption certification, obtained by enciphering the 1st auxiliary
information set for certification with the encryption key of a cipher function, is inputted from the
above-mentioned data input means for authentication. The above-mentioned use conditional-judgment means
takes out the 2nd auxiliary information set for certification corresponding to the inputted auxiliary
information set for encryption certification from the above-mentioned auxiliary information set storage
means for certification, performs predetermined processing according to the use condition information
in the taken-out 2nd auxiliary information set for certification, and then judges whether subsequent
processing is continued. The above-mentioned certification data generation output means, by performing
the above-mentioned processing, outputs the 1st auxiliary information set for certification, which is
the result of decrypting the above-mentioned auxiliary information set for encryption certification.
[0042] That is, the 1st auxiliary information set for certification, which is a usual auxiliary
information set for certification (access ticket), is enciphered to create the auxiliary information
set for encryption certification, and the 1st auxiliary information set for certification is decrypted
from it by carrying out exactly the same processing as the usual authentication processing, using the
2nd auxiliary information set for certification for accessing this auxiliary information set for
encryption certification.
[0043] With this configuration, a ticket whose use tariff is free (1st auxiliary information set for
certification) is created and enciphered, and a ticket (2nd auxiliary information set for
certification) for decrypting the enciphered ticket is issued; the use tariff of this ticket (2nd
auxiliary information set for certification) is made a charge and is paid by prepaid, which as a whole
makes implementation of the purchase function with prepaid payment possible.

[0044] In addition, a rental function can be realized by writing expiration date information in the use
condition information of the 2nd auxiliary information set for certification.

[0045] Moreover, since decrypting the enciphered ticket is done by the same processing as the
authentication processing of a usual ticket, this can be realized efficiently without putting extra
programs and data into an IC card of comparatively small capacity.

[0046]

[Embodiment of the Invention] Hereafter, the example of this invention is explained.

[0047] Drawing 1 shows the block diagram of this example. In this example, prepaid information is held
in certification data generation equipment, and the example (purchase) which purchases the access
privilege of an application program using that prepaid information is explained.

[0048] Drawing 1 is shown including the certification data verification equipment, which verifies the
certification data generated and outputted by certification data generation equipment.

[0049] First, the configuration of this example is explained based on drawing 1, and then the flow of
processing of certification data verification equipment and certification data generation equipment is
explained with flow charts. The flow of processing is explained taking the usual authentication
processing as an example, in which the use condition information L causes an amount to be pulled down
from prepaid information at every use. After the explanation of the usual authentication processing,
the example (purchase) which purchases the access privilege of an application program is explained.

[0050] [Configuration of example] Drawing 1 shows the configuration of the example as a whole. In this
drawing, certification data generation equipment 10 is portable equipment which a user holds and which
has a calculation function in its interior, like an IC card. Besides the IC card, a PC card with a
calculation function, a portable information tool, a subnote PC, etc. may be used. It is desirable that
it be protected so that internal information cannot easily be altered from the outside.
[0051] Certification data verification equipment 20 is the personal computer on which the user uses an
application program, and the IC card which is certification data generation equipment 10 is inserted
into the slot of the personal computer and used.

[0052] Certification data verification equipment 20 broadly consists of the data generation section 21
for authentication and the certification data verification section 22. When authentication is needed,
the data generation section 21 for authentication generates the data for authentication and sends them
to certification data generation equipment 10. The certification data verification section 22 verifies
whether the certification data returned from certification data generation equipment 10 are correct.

[0053] The application program is protected by encryption etc. When a user is going to use the
application program, certification data verification equipment 20 creates the data for authentication
corresponding to the application program, sends them to certification data generation equipment 10, and
verifies the certification data returned from certification data generation equipment 10; only when
they are verified as correct does it remove the protection of the application program and make it
usable.

[0054] On the other hand, certification data generation equipment 10 is constituted including the user
proper information storage section 11, the frequency information attaching part 12, the access ticket
storage section 13, the data input section 14 for authentication, the use conditional-judgment section
15, and the certification data generation output section 16.

[0055] The user proper information storage section 11 is a part holding a user's confidential
information, which is different for every user. It is desirable that user proper information be sealed
in when certification data generation equipment 10 is created, so that even the user cannot take it
out.
[0056] The frequency information attaching part 12 is a part holding prepaid information, and the
required frame is reduced according to use, purchase, etc. of an application program. It is also
possible to increase the frame when it has decreased. The technique proposed by Japanese Patent
Application No. 21373 [ nine to ] can be used as the approach of increase. With this technique,
frequency information is increased using frequency information and the frequency information that has
been signed. Changes to the frame in the frequency information attaching part 12 must be carried out
securely, and it is desirable to constitute it so that access other than by the defined approach cannot
be performed.
[0057] The access ticket storage section 13 memorizes two or more access tickets. An access ticket
gives a user access rating and is created by the application program implementer or by a ticket issue
contractor commissioned by the application program implementer. In this example, an access ticket is
the group of the use condition information and the auxiliary information for certification calculated
by performing a predetermined calculation on a user's proper information, the description information
on access rating authentication, and the use condition information that describes the access condition
of access rating authentication. In this example the access ticket storage section is constituted
inside the IC card; however, since an access ticket can be used only by the person to whom it was
issued, it may be copied freely, and the storage section may be constituted outside the IC card.

[0058] The data input section 14 for authentication is a part which inputs the data for authentication sent 
from certification data verification equipment 20. 

[0059] The use conditional-judgment section 15 takes out the access ticket corresponding to the
inputted data for authentication from the access ticket storage section 13, and judges use conditions
based on the use condition information in the access ticket. For example, it judges whether the
expiration date of the access ticket has passed, or whether the prepaid information it holds is
sufficient to pay the use tariff, and thereby judges whether subsequent processing is continued.

[0060] The certification data generation output section 16 generates and outputs certification data
only when continuation is judged in the use conditional-judgment section 15. Certification data are
created by performing a predetermined calculation on the auxiliary information for certification in the
access ticket taken out by the use conditional-judgment section 15, the data for authentication, and a
user's proper information.
[0061] Next, a more detailed explanation is given with an example. The explanation here takes the usual
authentication processing as an example, in which the use condition information L causes an amount to
be pulled down from prepaid information at every use.

[0062] Drawing 2 adds notation to the block diagram of drawing 1. The notation corresponds to the
following explanation.

[0063] [Usual authentication processing] Below, an example using the RSA (Rivest-Shamir-Adleman) cipher
with modulus n is explained in detail. First, the usual authentication processing is explained. In the
following examples, the software vendor which is the implementer of an application program performs
everything from issue of an IC card to issue of a ticket. In this example, the software vendor knows
the confidential information du of all users. Besides this, a configuration in which a ticket issue
contractor performs issue of the IC card and the ticket is also possible.
[0064] A software vendor creates the cryptographic key for the application program to be protected.
Since the RSA cipher is used here, large primes p and q are created in secret, and the modulus n is
created as $n = p \cdot q$. Next, based on the modulus n, a cryptographic key E and the decode key D
are generated so that
[0065]

[Equation 1] $ED \equiv 1 \bmod \phi(n)$

holds. Here $\phi(n)$ is the Euler number, $\phi(n) = (p-1)(q-1)$.

[0066] Next, the software vendor creates the common cryptographic key K, enciphers with K a part or all
of the application program to be protected, calculates
[0067]

[Equation 2] $K' = K^{E} \bmod n$

and embeds K' in the enciphered application program so that a third person cannot take it out, and
distributes it.

[0068] The user who wants to use this application program receives the access ticket corresponding to
it beforehand.

[0069] A software vendor issues an access ticket in response to the access ticket issue demand from a
user. The software vendor retrieves from a database the confidential information du of the requesting
user and the decode key (D, n) corresponding to the cryptographic key (E, n) used for encryption of the
application program. Next, the use condition information L given to the access ticket is created. Here,
since the charge is pulled down from prepaid information, the amount of use pulled down for one use is
set to L. Using this information,
[0070]
[Equation 3] $t = D - F(n, L, du)$

is calculated to create the auxiliary information t for certification. Here, the function F() is a
one-way function; one-way hash functions such as MD5 and SHA, a common key cryptosystem such as DES
(Data Encryption Standard), etc. can be used.
[0071] The software vendor issues the group (t, L, n) to the user as an access ticket.
[0072] When a user is going to use an application program, certification data verification equipment
creates the data for authentication (C, n) corresponding to the application program, and sends them to
certification data generation equipment.

[0073] The flow of this processing is shown in the flow chart of drawing 3, and is explained based on
it.

(Step S11): The certification data generation section 21 takes out K' and n from the protected
application program.
(Step S12): The certification data generation section generates a random number r, and stores it in a
random-number attaching part.
(Step S13): $C = r^{E} K' \bmod n$ is calculated.
(Step S14): The group (C, n) is sent to certification data generation equipment 10 as the data for
authentication.

[0074] Next, the flow of certification data generation equipment 10 is shown in drawing 4, and
processing of certification data generation equipment 10 is explained based on it.

(Step S21): The data for authentication (C, n) are inputted from the data input section 14 for
authentication.
(Step S22): The use conditional-judgment section 15 uses n as a key, searches the access ticket storage
section, and takes out an access ticket (t, L, n).
(Step S23): The use conditional-judgment section 15 compares the use conditions L (amount of use) in
the taken-out access ticket with the frequency information V in the frequency information attaching
part.
(Steps S24-S25): When $V \ge L$, the certification data generation output section 16 progresses to
(step S26). Otherwise, the certification data generation output section outputs an error and ends.
(Step S26): The use conditional-judgment section 15 reduces the frequency information V held in the
frequency information attaching part 12 by the use conditions (amount of use) L.
(Steps S26-S29): The certification data generation output section 16 calculates and outputs the
certification data R using the auxiliary information t for certification and the use conditions L
(amount of use) which the use conditional-judgment section 15 took out, and du read from the user
proper information storage section 11.
[0075]

[Equation 4] $R' = C^{F(n, L, du)} \bmod n$, $R = C^{t} R' \bmod n$

In drawing 4, the calculation of the certification data R is divided, with R' calculated first. This is
because the calculation of R' uses the user's confidential information and must be performed so that
the processing does not leak outside, whereas once the calculation of R' has finished, the calculation
of R can be performed externally. The calculation may thus be divided into R' and R, or it may be
performed all at once.

[0076] Next, processing of the certification data verification section of certification data
verification equipment 20 is explained. When the certification data R outputted from certification data
generation equipment 10 are calculated using the right user proper information du and a right access
ticket (the right auxiliary information t for certification and the right use conditions L),
[0077]
[Equation 5] $R = C^{t} R' \bmod n = C^{D - F(n, L, du)} C^{F(n, L, du)} \bmod n = C^{D} \bmod n = (r^{E} K')^{D} \bmod n = (r^{E} K^{E})^{D} \bmod n = (rK)^{ED} \bmod n = rK$

holds.

[0078] Then, in the certification data verification section 22, the random number r is taken out from
the random-number attaching part 23, and by calculating
[0079]

[Equation 6] $r^{-1} R \bmod n$

the common cryptographic key K with which the application was enciphered can be obtained. Certification
data verification equipment can decode the enciphered part of the application with this common
cryptographic key K, and can execute the application.
[0080] In this example, certification data verification equipment judges that verification was
completed correctly when the application has executed correctly.
[0081] This ends the explanation of the usual authentication processing.
[0082] [Purchase] Next, the example (purchase) which purchases the access privilege of an application
program using prepaid information is explained.

[0083] In order to realize this function, the 1st access ticket, which is a usual access ticket, is
enciphered to create the encryption access ticket, and the 1st access ticket is decrypted from the
encryption access ticket by performing exactly the same processing as the usual authentication
processing, using the 2nd access ticket for accessing this encryption access ticket.

[0084] At this time, the 1st access ticket is created as a ticket whose use tariff is free, and the 2nd
access ticket is constituted so that its use tariff is a charge paid by prepaid; as a whole this
enables implementation of the purchase function with prepaid payment.

[0085] First, the application program for which the purchase function is to be realized is called AP1.
AP1 is protected in the same way as in the above-mentioned explanation.

[0086] <Explanation of protection of application program AP1> A software vendor creates the
cryptographic key for the application program to be protected. Since the RSA cipher is used here, large
primes p1 and q1 are created in secret, and the modulus n1 is created as $n1 = p1 \cdot q1$. Next,
based on the modulus n1, a cryptographic key E1 and the decode key D1 are generated so that
[0087]
[Equation 7] $E1 \cdot D1 \equiv 1 \bmod \phi(n1)$

holds. Here $\phi(n1)$ is the Euler number, $\phi(n1) = (p1-1)(q1-1)$.

[0088] Next, the software vendor creates the common cryptographic key K1, enciphers with K1 a part or
all of the application program to be protected, and further enciphers the common cryptographic key K1
with the cryptographic key E1 according to the following formula to generate K1'.

[0089]

[Equation 8] $K1' = K1^{E1} \bmod n1$

K1' is embedded in the enciphered application program so that a third person cannot easily take it out,
and is distributed. Moreover, n1 is embedded in the enciphered application program.

[0090] The software vendor memorizes the created group $(n1, D1, \phi(n1))$ in an access ticket
information database.

[0091] Next, creation of a prepaid payment purchase ticket is explained. Drawing 5 shows an example of
the configuration of the auxiliary information generation equipment 30 for certification. In this
example, a prepaid payment purchase ticket is outputted with the 1st use condition information, the 1st
decode key, user proper information, and the 2nd use condition information as input. In drawing 5, the
input section 31 is a part which inputs the 1st use condition information, the 1st decode key, user
proper information, and the 2nd use condition information. The 1st decode key storage section 33 is a
part which memorizes the 1st decode key inputted from the input section 31. The 1st decode key is the
decode key (D1, n1) corresponding to the cryptographic key (E1, n1) which enciphered the common
cryptographic key K1 used for encryption of application program AP1.
[0092] The user proper information storage section 34 is a part which memorizes the user proper
information inputted from the input section 31. This is the same as what is stored in the user's
certification data generation equipment 10.

[0093] When requesting issue of a ticket, a user sends to the software vendor the user's identification
information U and n1 taken out from the application program AP1 which the user wishes to use. The
software vendor acquires user proper information by retrieving the user proper information du
corresponding to the user's identification information U from the User Information database, which
matches and holds users' identification information U and user proper information du. Moreover, the
decode key (D1, n1) corresponding to n1 is obtained from the access ticket information database holding
groups $(n, D, \phi(n))$, and these are inputted into the auxiliary information generation equipment 30
for certification.
[0094] The 1st use condition information storage section 32 and the 2nd use condition information
storage section 35 are parts which memorize the 1st use condition information and the 2nd use condition
information, respectively. The 1st use condition information describes the use conditions of
application program AP1, and the 2nd use condition information describes the use conditions of a
prepaid payment purchase ticket. Since a prepaid payment purchase ticket is charged at the first use
and is not charged at the second and later uses, the 1st use condition information includes at least
information meaning no charge, and the 2nd use condition information includes at least information
meaning a charge.

[0095] The 1st ticket generation section 36 is a part which performs a predetermined calculation on the
inputted 1st use condition information, 1st decode key, and user proper information, and generates an
access ticket.

[0096] The component 41, which consists of the 1st use condition information storage section 32, the
1st decode key storage section 33, the user proper information storage section 34, and the 1st ticket
generation section 36, has the same configuration as that for generating a usual access ticket.
[0097] The 2nd key generation section 37 is a part which generates the key for enciphering the 1st
access ticket generated in the 1st ticket generation section 36.

[0098] The encryption section 38 is a part which enciphers the 1st access ticket generated in the 1st
ticket generation section 36 using the encryption key generated in the 2nd key generation section 37.
[0099] The 2nd ticket generation section 39 is a part which generates the 2nd access ticket, which is
needed in order to decrypt the encryption access ticket enciphered in the encryption section 38.
[0100] The ticket output section 40 combines the encryption access ticket enciphered in the encryption
section 38 and the 2nd access ticket generated in the 2nd ticket generation section 39, and outputs
them as a prepaid payment purchase ticket.

[0101] <Creation of a prepaid payment purchase ticket> The approach of creating a prepaid payment
purchase ticket is explained below using the flow chart of drawing 6.

[0102] A software vendor issues a prepaid payment purchase ticket in response to the prepaid payment
purchase ticket issue demand from a user. The user who requests issue of a ticket sends to the software
vendor the user's identification information U and n1 taken out from the application program AP1 which
the user wishes to use.

[0103] (Step S31): The software vendor inputs the group (U, n1) of the user's identification
information U and n1 taken out from application program AP1, which is the prepaid payment purchase
ticket issue demand from the user. Moreover, the 1st use condition information L1, which describes the
use conditions of application program AP1, and the 2nd use condition information L2, which describes
the use conditions of the prepaid payment purchase ticket, are also inputted. Here, since the aim is
generation of a prepaid payment purchase ticket, the 1st use condition information L1 is set to
[0104]
[Equation 9] $L1 = 0$

meaning that the use tariff is no charge, and the 2nd use condition information L2 is set to
[0105]
[Equation 10] $L2 = A$

meaning that the tariff of a purchase is a charge. Here A is a figure other than zero, for example 100.
[0106] (Step S32): The user proper information du corresponding to the user's identification
information U is retrieved from the User Information database, which matches and holds users'
identification information U and user proper information du.

(Step S33): The 1st decode key (D1, n1) corresponding to n1 is searched from the access ticket
information database holding groups $(n, D, \phi(n))$.
(Step S34): The 1st access ticket T1 for the user to access AP1 is created.

[0107]
[Equation 11] $T1 = (t1, L1, n1)$
$t1 = D1 - F(n1, L1, du)$

(Step S35): In order to encipher the 1st access ticket T1, the 2nd modulus n2, the 2nd cryptographic
key E2, and the 2nd decode key D2 are generated. Large primes p2 and q2 are generated, and the modulus
n2, the cryptographic key E2, and the decode key D2 are generated so that the following formulas hold.
[0108]

[Equation 12] $n2 = p2 \cdot q2$
$E2 \cdot D2 \equiv 1 \bmod \phi(n2)$
$\phi(n2) = (p2-1)(q2-1)$

(Step S36): The 1st access ticket T1 is enciphered with the generated 2nd cryptographic key E2. The
enciphered T1 is called T1'.

[0109]

[Equation 13] $T1' = T1^{E2} \bmod n2$

(Step S37): The 2nd access ticket T2 for the user to decode the enciphered access ticket T1' is
created.

[0110]

[Equation 14] $T2 = (t2, L2, n2)$
$t2 = D2 - F(n2, L2, du)$

(Step S38): (T1', n2) and (T2) are made into a group and outputted as a prepaid payment purchase
ticket.
[0111] The software vendor sends the outputted prepaid payment purchase ticket (T1', n2) (T2) to the
user.
[0112] Next, the example of use of a prepaid payment purchase ticket is explained. 
[0113] <Example of use of prepaid payment purchase ticket> (a) The user who received the prepaid
payment purchase ticket (T1', n2) (T2) first stores T2 in the access ticket storage section 13.
(b) Next, the user inputs (T1', n2) from the data input section 14 for authentication of the
certification data generation equipment 10 which the user holds.

[0114] Hereafter, processing in certification data generation equipment 10 is performed according to
drawing 4. Now, suppose that prepaid information V of 800 frequencies is held in the frequency
information attaching part 12 of certification data generation equipment 14 (V=800).

(Step S21): From the data input section 14 for authentication, the data for authentication (T1', n2)
are inputted.
(Step S22): The use conditional-judgment section 15 uses n2 as a key, searches the access ticket
storage section 13, and takes out access ticket T2 = (t2, L2, n2).
(Step S23): The use conditional-judgment section 15 compares the frequency information V in the
frequency information attaching part 12 with the use conditions L2 in the taken-out access ticket.
(Step S24): Since now L2=100 and V=800,
[0115]
[Equation 15] $V \ge L2$

holds, and processing progresses to (step S26).
(Step S26): The use conditional-judgment section 15 reduces the frequency information V held in the
frequency information attaching part 12 by the use conditions L2.
[0116]

[Equation 16] $V = 800 - 100 = 700$

That is, 100 frequencies are pulled down from the frequency information V as the acquisition tariff of
the prepaid payment purchase ticket, leaving a remainder of 700 frequencies.

(Steps S27-S29): The certification data generation output section 16 calculates and outputs the
certification data R using the auxiliary information t2 for certification and the use conditions L2
which the use conditional-judgment section 15 took out, and du read from the user proper information
storage section 11.
[0117]

[Equation 17] $R' = (T1')^{F(n2, L2, du)} \bmod n2$, $R = (T1')^{t2} R' \bmod n2$

When these are calculated,
[0118]
[Equation 18] $R = (T1')^{t2} R' \bmod n2 = (T1')^{D2 - F(n2, L2, du)} C^{F(n2, L2, du)} \bmod n2 = (T1')^{D2} \bmod n2 = (T1^{E2})^{D2} \bmod n2 = T1$

holds, and
[0119]
[Equation 19] $R = T1$

is outputted as certification data R from the certification data generation output section 16.

[0120] That is, when (T1', n2) is inputted from the data input section 14 for authentication of the
certification data generation equipment 10 which the user holds, L2 is pulled down from the frequency
information V, and as a result T1, obtained by decoding T1', is outputted.
[0121] (c) The user stores the obtained T1 in the access ticket storage section 13.
[0122] (d) Since the user has obtained the access ticket T1 for using application program AP1, the user
uses application program AP1.
[0123] Hereafter, data generation processing for authentication in certification data verification
equipment 10 is performed according to drawing 3.

: (Step SI 1) The data generation section 21 for authentication takes out Kl' and nl from the protected 
application program. 

: (Step SI 2) The data generation section 21 for authentication generates a random number r, and stores it 
in the random-number attaching part 23. 
(Step SI 3) :C=rEKr mod nl is calculated. 

(Step SI 4) It sends to certification data generation equipment 10 by using the group of : (C, nl) as the 
data for authentication. 

(e) Processing in certification data generation equipment 1 0 is again performed according to drawing 4 . 
; (Step S21) From the data input section 14 for authentication, the data for authentication (C, nl) are 
inputted. 

: (Step S22) The use conditional-judgment section 15 uses nl as a key, searches the access ticket storage 
section 13, and takes out access ticket Tl= (tl, LI, nl). 

: (Step S23) The use conditional-judgment section 15 compares the frequency information V on the 
frequency information attaching part 12 with the use conditions LI in the taken-out access ticket. 
: (Step S24) Since it is now, L1=0, and V= 700, it is [0124]. 
[Equation 20] V>=L1 is realized and it progresses to (step S26). 

: (Step S26) Only the part of the use conditions LI reduces the frequency information V for which the 
use conditional-judgment section 15 is held at the frequency information attaching part 12. 
[0125]
[Equation 21] $V = 700 - 0 = 700$. That is, 100 units of the frequency information were already
deducted at the start as the acquisition fee of the prepaid purchase ticket, so from the second use
onward nothing is deducted and the balance remains 700 units.

(Steps S27-S29) The certification data generation output section 16 calculates and outputs the
certification data R using the auxiliary information t1 for certification and the use conditions L1 which
the use conditional-judgment section 15 took out, and du read from the user proper information storage
section 11.
[0126]
[Equation 22] $R' = C^{F(n_1, L_1, du)} \bmod n_1$, $R = C^{t_1} R' \bmod n_1$, i.e., [0127]
[Equation 23] $R = C^{t_1} R' \bmod n_1 = rK$

The certification data verification section 22 of certification data verification equipment 20 processes
as in the usual authentication, takes out the random number r from the random-number attaching part
23, and [0128]
[Equation 24] by calculating $r^{-1} R \bmod n_1$, can obtain the common cryptographic key K with which
the application was enciphered. Certification data verification equipment can decode the enciphered
part of the application with this common cryptographic key K, and can execute the application.
[0129] After this, no matter how many times the application program AP1 is executed, the same
processing is performed and it can be used free of charge.
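The exchange of steps S11 to S29, with the ticket of Equation 3 and the unblinding of Equation 24, as a runnable sketch added here (it is not code from the patent). SHA-256 as the one-way function F, the toy Mersenne-prime modulus, the 64-bit key K and all class and function names are assumptions of this example. It also shows that a ticket whose L has been edited, or one used with another user's du, yields a wrong key instead of K.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy parameters: two Mersenne primes give a ~196-bit modulus.
# Real RSA needs a modulus of at least 2048 bits.
P, Q = 2**89 - 1, 2**107 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # Equation 1: E*D = 1 mod phi(n)
K = 0x0123456789ABCDEF              # constructed content key; K < P, so gcd(K, n) = 1
K_PRIME = pow(K, E, N)              # Equation 2: K' embedded in the protected program


def F(n, L, du):
    """One-way function F(n, L, du); SHA-256 is this example's choice."""
    digest = hashlib.sha256(f"{n}|{L}|".encode() + du).digest()
    return int.from_bytes(digest, "big")


def issue_ticket(L, du):
    """Vendor side, Equation 3: t = D - F(n, L, du); the ticket is (t, L, n)."""
    return (D - F(N, L, du), L, N)


class Card:
    """Certification data generation equipment 10 (the IC card)."""

    def __init__(self, du, V):
        self.du = du        # user proper information, stays inside the card
        self.V = V          # prepaid frequency information
        self.tickets = {}   # access ticket storage, keyed by modulus n

    def store(self, ticket):
        self.tickets[ticket[2]] = ticket

    def respond(self, C, n):
        """Steps S21-S29: check V >= L, deduct L, return R (None on refusal)."""
        ticket = self.tickets.get(n)
        if ticket is None:
            return None
        t, L, _ = ticket
        # Refuse on insufficient balance; rejecting a negative L is a
        # defensive check added in this example.
        if L < 0 or self.V < L:
            return None
        self.V -= L
        r_prime = pow(C, F(n, L, self.du), n)      # R' = C^F(n, L, du) mod n
        # t is normally negative (the 256-bit hash exceeds D); Python 3.8+
        # then raises the modular inverse of C to |t|.
        return (pow(C, t, n) * r_prime) % n        # R = C^t * R' mod n


class Verifier:
    """Certification data verification equipment 20."""

    def challenge(self):
        """Steps S11-S14: pick r and return (C, n) with C = r^E * K' mod n."""
        while True:
            self.r = secrets.randbelow(N - 2) + 2
            if gcd(self.r, N) == 1:
                break
        return (pow(self.r, E, N) * K_PRIME) % N, N

    def recover_key(self, R):
        """Equation 24: r^-1 * R mod n, which equals K when R = r*K."""
        return (pow(self.r, -1, N) * R) % N


def run_once(card):
    """One authentication round; returns the recovered key, or None."""
    verifier = Verifier()
    C, n = verifier.challenge()
    R = card.respond(C, n)
    return None if R is None else verifier.recover_key(R)
```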

[0130] As explained above, with the above configuration it becomes possible to purchase the access
privilege of an application program using prepaid information.

[0131] The above explained the implementation of the purchase function with prepaid payment.

[0132] Besides this, when the certification data generation equipment is equipped with a clock, and the
use condition information L of the 1st access ticket indicates expiration date information in addition to
the information that the amount of use is free of charge, and this is compared with the time of day at
every use of the 1st access ticket, it is also possible to realize the rent function with prepaid payment.

[0133] Furthermore, as another example, by equipping the certification data generation equipment with
a clock, indicating expiration date information in the use condition information L of the 2nd access
ticket, and comparing it with the time of day when the enciphered 1st access ticket is decoded, it is
possible to limit, for example, the period during which the 1st access ticket can be distributed
(unpacked).

[0134] Moreover, although this example was explained based on RSA cryptography, other cipher
systems may also be used. Moreover, the implementation type of an access ticket is not restricted to
this, either.

[0135]

[Effect of the Invention] In attesting the access rating of users, for example for execution control, a
user holds proper information beforehand. A protection person, such as a programmer, prepares the
description information on access rating authentication independently of the proper information which
the user possesses. An access ticket is created and distributed according to the user's proper
information and the description information on access rating authentication used for creation of an
application program etc. While keeping the feature that both the user and the protection person are
freed from the troublesomeness of managing access privilege information, this made it possible to
realize the purchase function and the rent function with prepaid payment, which was conventionally
difficult.
[0136] Furthermore, since these functions are realized by performing the same processing as the
authentication processing of a usual ticket, they can be realized efficiently without putting an excessive
program and data in an IC card with comparatively little capacity.
TECHNICAL FIELD



[Field of the Invention] This invention relates to a technique which attests a user's access rating by
verifying the validity of certification data generated in order to prove the user's authority, and in
particular to the certification data generation equipment which generates the above-mentioned
certification data.



PRIOR ART



[Description of the Prior Art] The program execution control technique is known as prior art belonging
to the same field as this invention. The program execution control technique is a technique which
** embeds a routine for user authentication into an application program, ** has this routine check that
the user attempting to execute the application holds a legitimate key for authentication, and
** continues the program only when the existence of the aforementioned key for authentication is
confirmed, and otherwise stops program execution.

[0003] By using such a technique, execution of an application program can be restricted to legitimate
users who hold an authentication key. This technique is in practical use in the software distribution
business; products include SentinelSuperPro (trademark) of Rainbow Technologies, Inc. and HASP
(trademark) of Aladdin Knowledge Systems Ltd.

[0004] With these techniques, in order to prevent duplication, the user's authentication key is securely
enclosed in memory within hardware, which the software vendor distributes to the user by physical
means such as mail, and the user attaches it to his or her own personal computer etc. for use.
[0005] With these techniques, when creating an application program, a programmer must assume
beforehand the authentication key which the user has, and then perform protection processing of the
program based on this authentication key. That is, the programmer must predict at programming time
the correct reply from the hardware with the built-in key, and create the program so that it operates
normally only when the correct reply is received.

[0006] The usage forms of the conventional technique having such characteristics are fundamentally the
following two kinds.

[0007] ** In the 1st approach, the user's authentication key is prepared so that it differs for every user.
That is, one different authentication key is prepared for each user, such as authentication **** for the
first user and authentication **** for the second user.

[0008] ** In the 2nd approach, a programmer prepares a different authentication key for every
application. That is, one different authentication key is prepared for each application, such as
authentication **** for the first application and authentication **** for the second application, and
each application program is created so that it identifies its own authentication key.

[0009] However, in either of these cases, there are the problems described below.
[0010] In the case of the 1st approach, a programmer needs to change the authentication routine in the
program appropriately for every user when creating the program. That is, since authentication keys
differ for every user, the authentication routine in the program must be created so that it identifies the
authentication key proper to the user of this program, and the programmer needs to create as many
different programs as there are users.

[0011] When there are a large number of target users, the work of individualizing the program for every
user requires an intolerable effort from the programmer, and the list of user authentication keys which
must be managed also becomes huge.
[0012] In the case of the 2nd approach, the need to create a program individually for every user, as in
the 1st approach, disappears, but conversely the user must hold as many authentication keys as the
number of applications to be used.

[0013] This constraint causes the following problems for the programmer and for each user.
[0014] As mentioned above, an authentication key must be distributed to a user securely enclosed in
hardware. Therefore, in contrast to the program itself, which can be distributed simply through a
network, distribution of the hardware with the built-in authentication key must depend on physical
means such as mail. This restriction is a big burden on the programmer in cost, in time, and in the labor
of packing alike.
[0015] A programmer has to stock a certain quantity of the different hardware for every application in
order to meet user demand, which incurs inventory management costs.
[0016] Moreover, a user must put up with the inconvenience of exchanging hardware whenever
changing the application to be used.

[0017] Even when a user wants to use an application, the user must wait until the hardware enclosing
the authentication key arrives, which is inconvenient in that the application cannot be used
immediately.

[0018] As a technique which solves this problem, the present applicants have proposed a new access
rating verification technique (Japanese Patent Application No. No. 062076 [ 08 to ], currently
unpublished).

[0019] In the proposal of Japanese Patent Application No. No. 062076 [ 08 to ], by introducing auxiliary
information for certification (an access ticket), the description information on access rating
authentication and the user proper information are made independent of each other, so that the
protection side and the user side each need to prepare only one piece of proper information.
[0020] An access ticket is data calculated based on a specific user's proper information and the
description information on access rating authentication, and it is difficult to calculate the description
information on access rating authentication from an access ticket without knowing the user proper
information. Correct certification data are calculated only when the correct combination of user proper
information and an access ticket, i.e., the combination of user proper information and the access ticket
calculated based on that user proper information, is inputted.
[0021] Therefore, the access rating of users, for example for execution control, can be attested as
follows: a user holds proper information beforehand; a protection person, such as a programmer,
prepares the description information on access rating authentication independently of the proper
information which the user possesses; and an access ticket is created according to the user's proper
information and the description information on access rating authentication used for creation of an
application program etc., and is distributed.

[0022] Using this technique, a service can be considered in which an application program is protected
and distributed widely to users, and an access ticket is provided to each user who wishes to use the
application program.

[0023] A medium such as an IC card enclosing proper information that differs for every user is handed
to each user who wishes it; a programmer protects a program using the description information on
access rating authentication and distributes it; and the programmer, or a ticket issue contractor
commissioned by the programmer, provides an access ticket to each user who wishes to use the
program.
[0024] When such a service is considered, how and when to charge becomes an issue. In this example,
when an access ticket is issued, a fee equivalent to the price of the program can be collected in
exchange for issuing the ticket.

[0025] When considering a service that trades rights of use of such programs, the following forms of
rights can be considered.

** Purchase: buying the right of use. Once purchased, it can be used permanently. The fee is the same
even if it is not used.

** Pay-per-use: also called usage-based charging. The user is charged according to the amount used.

** Rent: purchasing the right of use for a fixed period. Once the term passes, use becomes
impossible.

[0026] Although it is easy to realize purchase when the technique of the above-mentioned Japanese
Patent Application No. No. 062076 [ 08 to ] is used, it is difficult to realize rent.

[0027] Pay-per-use can be realized by having the ticket issue contractor issue a single-use access ticket
at every use; however, the user must submit a use request to the ticket issue contractor each time, ticket
issue operations become frequent, and moreover, to realize a single-use access ticket, a log of used
tickets must be recorded in the user's IC card, so this is not very realistic.
[0028] To address this problem, the present applicants have proposed introducing use control
information into the access rating authentication technique of an access ticket (Japanese Patent
Application No. No. 191756 [ 08 to ], currently unpublished). In the technique of Japanese Patent
Application No. No. 191756 [ 08 to ], use control information is introduced into Japanese Patent
Application No. No. 062076 [ 08 to ], and this use control information is also used when information is
decrypted. As examples of use control information, the expiration date, the usable count, the total
available time, the upper limit on the amount of money used, and information on whether to keep a
history of processing are indicated.
[0029] It is possible to realize rent when the use control information is the expiration date.
[0030] Moreover, when the use control information specifies that a history of processing is kept, a
function close to pay-per-use can be realized by collecting the history, totaling it over a fixed period,
calculating the number of uses, and charging accordingly. If the fee per use is furthermore indicated in
the use control information, flexible pay-per-use can be realized.

[0031] That is, with the technique of Japanese Patent Application No. No. 191756 [ 08 to ], all of the
forms of rights mentioned above, purchase, pay-per-use and rent, can be realized.
[0032] Next, the method of payment is considered. The following two methods of payment can be
considered.

[0033] ** Paying at the time of ticket issue: payment is made when the ticket issue contractor issues an
access ticket. Payment may be made by electronic money, or the fee may be recorded on the issue
contractor side and settled by bank transfer etc.

[0034] ** Paying by prepaid: a user purchases prepaid frequency beforehand and holds it in the IC card
etc., and the corresponding frequency is deducted from the prepaid balance at the time of purchase or
use.

[0035] If the technique of Japanese Patent Application No. No. 191756 [ 08 to ] is used, all of the forms
of rights mentioned above, purchase, pay-per-use and rent, can be realized with the approach of
** paying at the time of ticket issue.

[0036] On the other hand, with the approach of ** paying by prepaid, pay-per-use can be realized easily.
That is, it suffices to indicate the fee per use in the use control information, and at every authentication
to deduct the frequency given in the use control information from the prepaid information currently
held.

[0037] However, with the approach of ** paying by prepaid, it is difficult to realize purchase and rent.
This is because a purchase requires processing which charges against the prepaid balance only at the
first use and does not charge from the second use onward.
[0038] For purchase, it is possible to indicate the acquisition fee of the right of use in the use control
information, deduct that amount from the held prepaid information at the first use, and register
information on the used access ticket in the IC card; from the second use onward, whether the ticket
about to be used is already registered in the IC card is checked, and when it is registered, nothing is
deducted from the prepaid information. However, since this registration information cannot be erased
for a very long period, the storage capacity of the IC card will run short when many tickets are used,
so this is not a very realistic solution.

[0039] For rent as well, it is possible to indicate the rental fee and an expiration date in the use control
information and realize it by the same approach as for purchase, but the storage capacity of the IC card
will similarly run short, so this is not a very realistic solution.
TECHNICAL PROBLEM



[Problem(s) to be Solved by the Invention] This invention is made in view of the above circumstances,
and its object is to make it possible to realize purchase and rent also with the approach of paying by
prepaid, without imposing an excessive load on the certification data generation equipment (IC card)
side.



MEANS



[Means for Solving the Problem] According to this invention, in order to solve the above-mentioned
technical problem, certification data generation equipment, which generates certification data whose
validity is verified in order to attest a user's access rating, is provided with: a data input means for
authentication to input the data for authentication; a user proper information storage means to
memorize a user's proper information; an auxiliary information set storage means for certification to
memorize an auxiliary information set for certification containing a group of use condition information
and auxiliary information for certification generated by performing predetermined calculation on the
user's proper information, the description information on access rating authentication, and the use
condition information which describes the access condition; a use conditional-judgment means to take
out from the above-mentioned auxiliary information set storage means for certification the auxiliary
information set for certification corresponding to the inputted data for authentication, and to judge,
according to the use condition information of the taken-out auxiliary information set for certification,
whether subsequent processings are continued; and a certification data generation output means
which, when the above-mentioned use conditional-judgment means judges continuation, performs
predetermined calculation on the taken-out auxiliary information set for certification, the data for
authentication inputted from the above-mentioned data input means for authentication, and the
above-mentioned user's proper information memorized by the above-mentioned user proper
information storage means, and generates and outputs certification data. From the above-mentioned
data input means for authentication, an auxiliary information set for encryption certification, obtained
by enciphering a 1st auxiliary information set for certification with the encryption key of a cipher
function, is inputted. The above-mentioned use conditional-judgment means takes out from the
above-mentioned auxiliary information set storage means for certification a 2nd auxiliary information
set for certification corresponding to the inputted auxiliary information set for encryption certification
and, after performing predetermined processing according to the use condition information of the
taken-out 2nd auxiliary information set for certification, judges whether subsequent processings are
continued. The above-mentioned certification data generation output means, by performing the
above-mentioned processing, outputs the 1st auxiliary information set for certification which is the
result of decrypting the above-mentioned auxiliary information set for encryption certification.
[0042] That is, the 1st auxiliary information set for certification, which is a usual auxiliary information
set for certification (access ticket), is enciphered to create the auxiliary information set for encryption
certification, and the 1st auxiliary information set for certification is decrypted from the auxiliary
information set for encryption certification by carrying out exactly the same processing as the usual
authentication processing, using the 2nd auxiliary information set for certification for accessing this
auxiliary information set for encryption certification.
[0043] With this configuration, a ticket whose use fee is free (the 1st auxiliary information set for
certification) is created and enciphered, a ticket (the 2nd auxiliary information set for certification) for
decrypting the enciphered ticket is issued, and the use fee of this ticket (the 2nd auxiliary information
set for certification) is charged and paid by prepaid; as a whole this makes it possible to implement the
purchase function with prepaid payment.

[0044] In addition to this, a rent function can be realized by indicating expiration date information in
the use condition information of the 2nd auxiliary information set for certification.

[0045] In addition, since the enciphered ticket is decrypted by performing the same processing as the
authentication processing of a usual ticket, this can be realized efficiently without putting an excessive
program and data in an IC card with comparatively little capacity.

[0046]

[Embodiment of the Invention] Hereafter, the example of this invention is explained.

[0047] Drawing 1 shows the block diagram of this example. In this example, prepaid information is held
in the certification data generation equipment, and an example (purchase) in which the access
privilege of an application program is purchased using that prepaid information is explained.

[0048] Drawing 1 is shown including the certification data verification equipment which verifies the
certification data generated and outputted by the certification data generation equipment.

[0049] First, the configuration of this example is explained based on drawing 1, and then the flow of
processing of the certification data verification equipment and the certification data generation
equipment is explained with flow charts. The flow of processing is explained taking the usual
authentication processing as an example, in which the use condition information L specifies an amount
deducted from the prepaid balance at every use. After the explanation of the usual authentication
processing, the example (purchase) which purchases the access privilege of an application program is
explained.

[0050] [Configuration of example] Drawing 1 shows the configuration of the example as a whole. In this
drawing, certification data generation equipment 10 is held by the user and is portable equipment with
an internal calculation function, such as an IC card. Besides an IC card, a PC card with a calculation
function, a portable information tool, a subnotebook PC, etc. may be used. It is desirable that it be
protected so that internal information cannot easily be altered from the outside.
[0051] Certification data verification equipment 20 is the personal computer on which the user uses an
application program, and the IC card which is certification data generation equipment 10 is inserted
into a slot of the personal computer for use.

[0052] Certification data verification equipment 20 consists mainly of the data generation section 21 for
authentication and the certification data verification section 22. When authentication is needed, the
data generation section 21 for authentication generates the data for authentication, and sends them to
certification data generation equipment 10. The certification data verification section 22 verifies
whether the certification data returned from certification data generation equipment 10 are correct.

[0053] An application program is protected by encryption etc. When a user is going to use the
application program, certification data verification equipment 20 creates the data for authentication
corresponding to the application program, sends them to certification data generation equipment 10,
and verifies the certification data returned from certification data generation equipment 10; only when
they are verified as correct does it remove the protection of the application program and make it
usable.

[0054] On the other hand, certification data generation equipment 10 is constituted including the user
proper information storage section 11, the frequency information attaching part 12, the access ticket
storage section 13, the data input section 14 for authentication, the use conditional-judgment section 15,
and the certification data generation output section 16.

[0055] The user proper information storage section 11 is a part holding a user's confidential information,
which is different for every user. It is desirable that the user proper information be enclosed when
certification data generation equipment 10 is created, and that it be constituted so that even the user
cannot take it out.

[0056] The frequency information attaching part 12 is a part holding prepaid information, and the
required amount is deducted according to use, purchase, etc. of an application program. The amount
can also be increased when it has decreased. The technique proposed by Japanese Patent Application
No. No. 21373 [ nine to ] can be used as the method of increase. In this technique, frequency
information is increased using frequency information and signed frequency information. Changes to
the amount in the frequency information attaching part 12 must be made safely, and it is desirable to
constitute it so that access by other than the defined method cannot be performed.
[0057] The access ticket storage section 13 memorizes two or more access tickets. An access ticket
gives a user access rating and is created by the application program implementer or by a ticket issue
contractor commissioned by the application program implementer. In this example, an access ticket is
the group of use condition information and auxiliary information for certification calculated by
performing predetermined calculation on a user's proper information, the description information on
access rating authentication, and the use condition information which describes the access condition of
access rating authentication. In this example the access ticket storage section is constituted inside the
IC card, but since an access ticket can be used only by the person to whom it was issued, it may be
copied freely, and the storage section may be constituted outside the IC card.

[0058] The data input section 14 for authentication is a part which inputs the data for authentication sent 
from certification data verification equipment 20. 

[0059] The use conditional-judgment section 15 takes out the access ticket corresponding to the inputted
data for authentication from the access ticket storage section 13, and judges use conditions based on the
use condition information in the access ticket. For example, it judges use conditions such as whether
the expiration date of the access ticket has passed, or whether the prepaid balance it holds is sufficient
to pay the use fee, and judges whether subsequent processings are continued.

[0060] The certification data generation output section 16 generates and outputs certification data only
when continuation is judged in the use conditional-judgment section 15. Certification data are created
by performing predetermined calculation on the auxiliary information for certification in the access
ticket taken out in the use conditional-judgment section 15, the data for authentication, and the user's
proper information.
[0061] Next, a more detailed explanation is given with an example. The explanation here takes the
usual authentication processing as an example, in which the use condition information L specifies an
amount deducted from the prepaid balance at every use.

[0062] Drawing 2 attaches notation to the block diagram of drawing 1. The notation corresponds to
the following explanation.

[0063] [Usual authentication processing] Below, an example using the RSA (Rivest-Shamir-Adleman)
cipher with modulus n is explained in detail. First, the usual authentication processing is explained. In
the following examples, the software vendor which is the implementer of an application program
performs everything from issue of an IC card to issue of a ticket. In this example, the software vendor
knows all users' confidential information du. A configuration in which a ticket issue contractor issues
IC cards and tickets is also possible.
[0064] A software vendor creates a cryptographic key for the application program to be protected.
Since RSA cryptography is used here, large primes p and q are created in secret, and the modulus n is
created as $n = p \cdot q$. Next, under the modulus n, a cryptographic key E and a decode key D are
generated so that [0065]

[Equation 1] $ED \equiv 1 \bmod \varphi(n)$

is satisfied. Here, $\varphi(n)$ is the Euler function, $\varphi(n) = (p-1)(q-1)$.

[0066] Next, the software vendor creates a common cryptographic key K, enciphers with K a part or all
of the application program to be protected, calculates [0067]

[Equation 2] $K' = K^{E} \bmod n$,

and embeds K' in the enciphered application program so that a third party cannot take it out, and
distributes it.

[0068] A user who wants to use this application program obtains the corresponding access ticket beforehand.

[0069] The software vendor issues an access ticket in response to an access ticket issue request from a user. The vendor retrieves from a database the confidential information du of the requesting user and the decode key (D, n) corresponding to the cryptographic key (E, n) used to encipher the application program. Next, the use condition information L to be attached to the access ticket is created. Here, since charging is done by deducting from the prepaid balance, the amount of use deducted per use is set as L. Using this information, the auxiliary information t for certification is created as
[0070]
[Equation 3] $t = D - F(n, L, du)$
Here the function F() is a one-way function; a one-way hash function such as MD5 or SHA, or a common key cryptosystem such as DES (Data Encryption Standard), can be used.
[0071] The software vendor issues the triple (t, L, n) to the user as the access ticket.
[0072] When the user tries to use the application program, the certification data verification equipment creates the data for authentication (C, n) corresponding to the application program and sends them to the certification data generation equipment.

[0073] The flow of this processing is shown in the flow chart of drawing 3 and is explained based on it.

(Step S11): The data generation section 21 for authentication takes out K' and n from the protected application program.

(Step S12): The data generation section for authentication generates a random number r and stores it in the random-number attaching part.

(Step S13): $C = r^{E} K' \bmod n$ is calculated.

(Step S14): The pair (C, n) is sent to certification data generation equipment 10 as the data for authentication.

[0074] Next, the flow of certification data generation equipment 10 is shown in drawing 4, and the processing of certification data generation equipment 10 is explained based on it.

(Step S21): The data for authentication (C, n) are inputted from the data input section 14 for authentication.

(Step S22): The use conditional-judgment section 15 searches the access ticket storage section using n as a key and takes out the access ticket (t, L, n).

(Step S23): The use conditional-judgment section 15 compares the use conditions L (amount of use) in the taken-out access ticket with the frequency information V in the frequency information attaching part.

(Steps S24-S25): When V>=L, the certification data generation output section 16 proceeds to (step S26). Otherwise, the certification data generation output section outputs an error and processing ends.

(Step S26): The use conditional-judgment section 15 reduces the frequency information V held in the frequency information attaching part 12 by the use conditions (amount of use) L.

(Steps S26-S29): The certification data generation output section 16 calculates and outputs the certification data R using the auxiliary information t for certification and the use conditions L (amount of use) taken out by the use conditional-judgment section 15, and du read from the user proper information storage section 11.
[0075]

[Equation 4] $R' = C^{F(n, L, du)} \bmod n$, $R = C^{t} R' \bmod n$

In drawing 4, the calculation of R' is separated out when the certification data R are calculated. This is because the calculation of R' uses the user's confidential information and must be carried out so that the processing does not leak outside, whereas once the calculation of R' has finished, the calculation of R can be performed externally. Thus the calculation may be divided into R' and R, or it may be carried out at once.

[0076] Next, processing of the certification data verification section of certification data verification equipment 20 is explained. When the certification data R outputted from certification data generation equipment 10 have been calculated using the right user proper information du and a right access ticket (the right auxiliary information t for certification and the right use conditions L),
[0077]
[Equation 5]
$R = C^{t} R' \bmod n = C^{D - F(n, L, du)} C^{F(n, L, du)} \bmod n = C^{D} \bmod n = (r^{E} K')^{D} \bmod n = (r^{E} K^{E})^{D} \bmod n = (rK)^{ED} \bmod n = rK$
holds.

[0078] Then, in the certification data verification section 22, the random number r is taken out from the random-number attaching part 23, and by calculating
[0079]
[Equation 6] $r^{-1} R \bmod n$
the common cryptographic key K with which the application was enciphered is obtained. With this common cryptographic key K, the certification data verification equipment can decode the enciphered part of the application and execute the application.
[0080] In this example, when the application has executed correctly, the certification data verification equipment judges that verification was completed correctly.
[0081] This concludes the explanation of the usual authentication processing.
[0082] [Purchase] Next, an example in which the access privilege of an application program is purchased using prepaid information is explained.

[0083] To realize this function, the 1st access ticket, which is a usual access ticket, is enciphered to create an encryption access ticket, and the 1st access ticket is decrypted from the encryption access ticket by performing exactly the same processing as the usual authentication processing, using a 2nd access ticket for accessing this encryption access ticket.

[0084] Here, the 1st access ticket is created as a ticket whose use tariff is free, and the 2nd access ticket is configured so that its use tariff is charged and paid from the prepaid balance; as a whole, this enables implementation of the purchase function with prepayment.

[0085] First, let AP1 be the application program for which the purchase function is to be realized. AP1 is protected in the same way as in the explanation above.

[0086] <Explanation of protection of application program AP1> The software vendor creates the cryptographic key for the application program to be protected. Since the RSA cipher is used here, the vendor secretly generates large primes p1 and q1 and creates the modulus n1 as n1 = p1·q1. Next, under the modulus n1, a cryptographic key E1 and a decode key D1 are generated so that
[0087]
[Equation 7] $E_1 D_1 \equiv 1 \pmod{\phi(n_1)}$
holds. Here $\phi(n_1)$ is Euler's totient function, and $\phi(n_1) = (p_1-1)(q_1-1)$.

[0088] Next, the software vendor creates a common cryptographic key K1, enciphers part or all of the application program to be protected with K1, and further enciphers the common cryptographic key K1 with the cryptographic key E1 according to the following formula to generate K1'.

[0089]

[Equation 8] $K_1' = K_1^{E_1} \bmod n_1$
K1' is embedded in the enciphered application program so that a third party cannot easily take it out, and the program is distributed. n1 is also embedded in the enciphered application program.

[0090] The software vendor stores the created triple (n1, D1, phi(n1)) in an access ticket information database.

[0091] Next, creation of a prepaid payment purchase ticket is explained. Drawing 5 shows an example configuration of the auxiliary information generation equipment 30 for certification. In this example, a prepaid payment purchase ticket is outputted, taking the 1st use condition information, the 1st decode key, the user proper information, and the 2nd use condition information as inputs.

section 33 is a part which memorizes the 1st decode key inputted from the input section 31. The 1st decode key is the decode key (D1, n1) corresponding to the cryptographic key (E1, n1) which enciphered the common cryptographic key K1 used for encryption of application program AP1.
[0092] The user proper information storage section 34 is a part which memorizes the user proper information inputted from the input section 31. This is the same as what is stored in the user's certification data generation equipment 10.

[0093] When requesting issue of a ticket, the user sends to the software vendor the user's identification information U and n1 taken out from the application program AP1 that the user wishes to use. The software vendor acquires the user proper information by retrieving the user proper information du corresponding to the user's identification information U from the User Information database, which holds users' identification information U in association with user proper information du. In addition, the decode key (D1, n1) corresponding to n1 is obtained from the access ticket information database, which holds triples (n, D, phi(n)), and is inputted into the auxiliary information generation equipment 30 for certification.
[0094] The 1st use condition information storage section 32 and the 2nd use condition information storage section 35 are parts which memorize the 1st use condition information and the 2nd use condition information, respectively. The 1st use condition information describes the use conditions of application program AP1, and the 2nd use condition information describes the use conditions of the prepaid payment purchase ticket. Because a prepaid payment purchase ticket is charged at the 1st use and is not charged from the 2nd use onward, the 1st use condition information includes at least information meaning no charge, and the 2nd use condition information includes at least information meaning a charge.

[0095] The 1st ticket generation section 36 is a part which performs a predetermined calculation on the inputted 1st use condition information, 1st decode key, and user proper information, and generates an access ticket.

[0096] The component 41, which consists of the 1st use condition information storage section 32, the 1st decode key storage section 33, the user proper information storage section 34, and the 1st ticket generation section 36, has the same configuration as that used to generate a usual access ticket.
[0097] The 2nd key generation section 37 is a part which generates the key for enciphering the 1st access ticket generated in the 1st ticket generation section 36.

[0098] The encryption section 38 is a part which enciphers the 1st access ticket generated in the 1st ticket generation section 36 using the encryption key generated in the 2nd key generation section 37.
[0099] The 2nd ticket generation section 39 is a part which generates the 2nd access ticket, which is needed in order to decrypt the encryption access ticket enciphered in the encryption section 38.
[0100] The ticket output section 40 combines the encryption access ticket enciphered in the encryption section 38 with the 2nd access ticket generated in the 2nd ticket generation section 39 and outputs them as a prepaid payment purchase ticket.

[0101] <Creation of a prepaid payment purchase ticket> The method of creating a prepaid payment purchase ticket is explained below using the flow chart of drawing 6.

[0102] The software vendor issues a prepaid payment purchase ticket in response to a prepaid payment purchase ticket issue request from a user. The user who requests issue of a ticket sends to the software vendor the user's identification information U and n1 taken out from the application program AP1 that the user wishes to use.

[0103] (Step S31): The software vendor inputs the pair (U, n1) from the user's prepaid payment purchase ticket issue request, consisting of the user's identification information U and n1 taken out from application program AP1. The 1st use condition information L1, which describes the use conditions of application program AP1, and the 2nd use condition information L2, which describes the use conditions of the prepaid payment purchase ticket, are also inputted. Since the aim here is generation of a prepaid payment purchase ticket, the 1st use condition information L1 is set to mean that the use tariff is no charge:
[0104]
[Equation 9] $L_1 = 0$
and the 2nd use condition information L2 is set to mean that the tariff of the purchase is a charge:
[0105]
[Equation 10] $L_2 = A$
where A is a number other than zero, for example 100.
[0106] (Step S32): The user proper information du corresponding to the user's identification information U is retrieved from the User Information database, which holds users' identification information U in association with user proper information du.

(Step S33): From the access ticket information database holding triples (n, D, phi(n)), the 1st decode key (D1, n1) corresponding to n1 is retrieved.

(Step S34): The 1st access ticket T1, with which the user accesses AP1, is created.

[0107]

[Equation 11] $T_1 = (t_1, L_1, n_1)$, $t_1 = D_1 - F(n_1, L_1, du)$

(Step S35): To encipher the 1st access ticket T1, large primes p2 and q2 are generated, and the 2nd modulus n2, the 2nd cryptographic key E2, and the 2nd decode key D2 are generated so that the following formulas hold.
[0108]

[Equation 12] $n_2 = p_2 q_2$, $E_2 D_2 \equiv 1 \pmod{\phi(n_2)}$, $\phi(n_2) = (p_2-1)(q_2-1)$

(Step S36): The 1st access ticket T1 is enciphered with the generated 2nd cryptographic key E2. The enciphered T1 is denoted T1'.

[0109]

[Equation 13] $T_1' = T_1^{E_2} \bmod n_2$

(Step S37): The 2nd access ticket T2, with which the user decodes the enciphered access ticket T1', is created.

[0110]

[Equation 14] $T_2 = (t_2, L_2, n_2)$, $t_2 = D_2 - F(n_2, L_2, du)$

(Step S38): (T1', n2) and (T2) are combined and outputted as a prepaid payment purchase ticket.
[0111] The software vendor sends the outputted prepaid payment purchase ticket (T1', n2) (T2) to the user.
[0112] Next, an example of use of a prepaid payment purchase ticket is explained.
[0113] <Example of use of prepaid payment purchase ticket> (a) The user who received the prepaid payment purchase ticket (T1', n2) (T2) first stores T2 in the access ticket storage section 13.
(b) Next, the user inputs (T1', n2) from the data input section 14 for authentication of the certification data generation equipment 10 that the user holds.

[0114] Hereafter, processing in certification data generation equipment 10 is performed according to drawing 4. Suppose that the frequency information attaching part 12 of certification data generation equipment 14 now holds prepaid information V of 800 frequency units (V=800).

(Step S21): The data for authentication (T1', n2) are inputted from the data input section 14 for authentication.

(Step S22): The use conditional-judgment section 15 searches the access ticket storage section 13 using n2 as a key and takes out the access ticket T2 = (t2, L2, n2).

(Step S23): The use conditional-judgment section 15 compares the frequency information V in the frequency information attaching part 12 with the use conditions L2 in the taken-out access ticket.
(Step S24): Since L2=100 and V=800 now,
[0115]
[Equation 15] $V \geq L_2$
holds, and processing proceeds to (step S26).

(Step S26): The use conditional-judgment section 15 reduces the frequency information V held in the frequency information attaching part 12 by the use conditions L2.
[0116]

[Equation 16] $V = 800 - 100 = 700$
That is, as the acquisition tariff of the prepaid payment purchase ticket, 100 units are deducted from the frequency information V, leaving a remainder of 700 units.

(Steps S27-S29): The certification data generation output section 16 calculates and outputs the certification data R using the auxiliary information t2 for certification and the use conditions L2 taken out by the use conditional-judgment section 15, and du read from the user proper information storage section 11.
[0117]

[Equation 17] $R' = (T_1')^{F(n_2, L_2, du)} \bmod n_2$, $R = (T_1')^{t_2} R' \bmod n_2$
When R is calculated,
[0118]
[Equation 18]
$R = (T_1')^{t_2} R' \bmod n_2 = (T_1')^{D_2 - F(n_2, L_2, du)} (T_1')^{F(n_2, L_2, du)} \bmod n_2 = (T_1')^{D_2} \bmod n_2 = (T_1^{E_2})^{D_2} \bmod n_2 = T_1$
holds, and the certification data generation output section 16 outputs, as the certification data R,
[0119]
[Equation 19] $R = T_1$
[0120] That is, when the user inputs (T1', n2) from the data input section 14 for authentication of the certification data generation equipment 10 that the user holds, L2 is deducted from the frequency information V, and as a result T1, obtained by decoding T1', is outputted.

[0121] (c) The user stores the obtained T1 in the access ticket storage section 13.

[0122] (d) Since the user has obtained the access ticket T1 for using application program AP1, the user uses application program AP1.

[0123] Hereafter, data generation processing for authentication in certification data verification equipment 10 is performed according to drawing 3.

(Step S11): The data generation section 21 for authentication takes out K1' and n1 from the protected application program.

(Step S12): The data generation section 21 for authentication generates a random number r and stores it in the random-number attaching part 23.
(Step S13): $C = r^{E} K_1' \bmod n_1$ is calculated.

(Step S14): The pair (C, n1) is sent to certification data generation equipment 10 as the data for authentication.

(e) Processing in certification data generation equipment 10 is again performed according to drawing 4.
(Step S21): The data for authentication (C, n1) are inputted from the data input section 14 for authentication.

(Step S22): The use conditional-judgment section 15 searches the access ticket storage section 13 using n1 as a key and takes out the access ticket T1 = (t1, L1, n1).

(Step S23): The use conditional-judgment section 15 compares the frequency information V in the frequency information attaching part 12 with the use conditions L1 in the taken-out access ticket.
(Step S24): Since L1=0 and V=700 now,
[0124]
[Equation 20] $V \geq L_1$
holds, and processing proceeds to (step S26).

(Step S26): The use conditional-judgment section 15 reduces the frequency information V held in the frequency information attaching part 12 by the use conditions L1.
[0125]

[Equation 21] $V = 700 - 0 = 700$
That is, because 100 units were first deducted from the frequency information V as the acquisition tariff of the prepaid payment purchase ticket, nothing is deducted for the 2nd and subsequent uses, and the remainder stays at 700 units.
(Steps S27-S29): The certification data generation output section 16 calculates and outputs the certification data R using the auxiliary information t1 for certification and the use conditions L1 taken out by the use conditional-judgment section 15, and du read from the user proper information storage section 11.
[0126]

[Equation 22] $R' = C^{F(n_1, L_1, du)} \bmod n_1$, $R = C^{t_1} R' \bmod n_1$
that is,
[0127]
[Equation 23] $R = C^{t_1} R' \bmod n_1 = rK$

The certification data verification section 22 of certification data verification equipment 20 processes this as in the usual authentication, takes out the random number r from the random-number attaching part 23, and by calculating
[0128]

[Equation 24] $r^{-1} R \bmod n_1$
obtains the common cryptographic key K with which the application was enciphered. With this common cryptographic key K, the certification data verification equipment can decode the enciphered part of the application and execute the application.
[0129] After this, no matter how many times application program AP1 is executed, the same processing is performed and it can be used for free.

[0130] As explained above, with the above configuration using prepaid information, it becomes possible to purchase the access privilege of an application program.
[0131] The above explained implementation of the purchase function with prepayment.
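The usual authentication exchange and the prepaid purchase flow described above, carried through in Python as an added example (not code from the patent). Assumptions of the example: SHA-256 as the one-way function F, E = 65537 for both key pairs, fixed Mersenne primes as constructed demo moduli, a fixed-width integer packing of the ticket T1, and all function and class names.

```python
import hashlib
import math
import secrets

E = 65537  # public exponent used for both demo key pairs (assumption)
# Constructed demo primes (well-known Mersenne primes) so the block runs offline
# and deterministically; real moduli need secret, randomly generated primes.
P1, Q1 = 2**521 - 1, 2**607 - 1      # n1 = p1*q1 protects application AP1
P2, Q2 = 2**1279 - 1, 2**2203 - 1    # n2 = p2*q2 protects the enciphered T1
FIELD = 1152                         # packing width for n1 (n1 < 2**1128)


def keygen(p, q):
    """Return (n, D) with E*D = 1 mod phi(n) and phi(n) = (p-1)(q-1)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def F(n, L, du):
    """One-way function F(n, L, du); SHA-256 is this example's choice."""
    return int.from_bytes(hashlib.sha256(f"{n}|{L}|".encode() + du).digest(), "big")


def issue_ticket(D, n, L, du):
    """Vendor side: access ticket (t, L, n) with t = D - F(n, L, du)."""
    return (D - F(n, L, du), L, n)


def pack(ticket):
    """Encode (t, L, n) as one integer so it can be enciphered under n2."""
    t, L, n = ticket
    return (t << (FIELD + 32)) | (L << FIELD) | n


def unpack(x):
    return (x >> (FIELD + 32), (x >> FIELD) & 0xFFFFFFFF, x & ((1 << FIELD) - 1))


def vendor_issue(du, price):
    """Build the protected key K1' and the prepaid purchase ticket (T1', n2), T2."""
    n1, D1 = keygen(P1, Q1)
    n2, D2 = keygen(P2, Q2)
    K1 = int.from_bytes(b"constructed content key K1", "big")
    K1_enc = pow(K1, E, n1)                   # K1' = K1^E1 mod n1
    T1 = issue_ticket(D1, n1, 0, du)          # L1 = 0: free once obtained
    T1_enc = pow(pack(T1), E, n2)             # T1' = T1^E2 mod n2
    T2 = issue_ticket(D2, n2, price, du)      # L2 = A: charged once
    return n1, K1, K1_enc, T1, T1_enc, n2, T2


class GeneratingDevice:
    """Certification data generation equipment 10: holds du, V and tickets."""

    def __init__(self, du, V):
        self.du, self.V, self.tickets = du, V, {}

    def store(self, ticket):
        self.tickets[ticket[2]] = ticket      # keyed by modulus n

    def respond(self, C, n):
        t, L, _ = self.tickets[n]             # S22: find the ticket by n
        if self.V < L:                        # S23-S25: require V >= L
            raise PermissionError("prepaid balance V is below L")
        self.V -= L                           # S26: deduct L from V
        R1 = pow(C, F(n, L, self.du), n)      # R' = C^F(n,L,du) mod n
        return pow(C, t, n) * R1 % n          # R = C^t R' mod n


class Verifier:
    """Certification data verification equipment 20 for one program."""

    def __init__(self, K_enc, n):
        self.K_enc, self.n, self.r = K_enc, n, None

    def challenge(self):
        while True:                           # S12: random r, invertible mod n
            self.r = secrets.randbelow(self.n - 2) + 2
            if math.gcd(self.r, self.n) == 1:
                break
        return pow(self.r, E, self.n) * self.K_enc % self.n   # S13: C = r^E K'

    def recover_key(self, R):
        return pow(self.r, -1, self.n) * R % self.n           # K = r^-1 R mod n


def demo(balance=800, price=100, du=b"constructed-user-secret-du"):
    n1, K1, K1_enc, T1, T1_enc, n2, T2 = vendor_issue(du, price)
    dev = GeneratingDevice(du, balance)
    dev.store(T2)                                  # (a) store T2
    got_T1 = unpack(dev.respond(T1_enc, n2))       # (b) pay L2, obtain T1
    after_purchase = dev.V
    dev.store(got_T1)                              # (c) store T1
    keys_ok = []
    for _ in range(2):                             # (d)(e) use AP1 twice
        ver = Verifier(K1_enc, n1)
        keys_ok.append(ver.recover_key(dev.respond(ver.challenge(), n1)) == K1)
    return {"T1_ok": got_T1 == T1, "after_purchase": after_purchase,
            "after_uses": dev.V, "keys_ok": keys_ok}


if __name__ == "__main__":
    print(demo())
```

With the default V=800 and L2=100, the device balance is 700 after the purchase and stays at 700 across the two later uses of AP1, matching Equations 16 and 21.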
[0132] In addition, when the certification data generation equipment is equipped with a clock, and the use condition information L of the 1st access ticket describes expiration date information in addition to the information that the amount of use is no charge, and this is compared with the time of day at every use of the 1st access ticket, it is also possible to realize the rent function with prepayment.

[0133] Furthermore, as another example, by equipping the certification data generation equipment with a clock, describing expiration date information in the use condition information L of the 2nd access ticket, and comparing it with the time of day when the enciphered 1st access ticket is decoded, it is possible to limit, for example, the term for distributing (defrosting) the 1st access ticket.

[0134] Moreover, although this example was explained based on the RSA cipher, other cipher systems may be used as well. The implementation form of an access ticket is not restricted to this, either.

[0135] 




DESCRIPTION OF DRAWINGS

[Brief Description of the Drawings]

[Drawing 1] It is the block diagram showing the configuration of the example of this invention.
[Drawing 2] It is drawing which explains the configuration of drawing 1 in detail.
[Drawing 3] It is a flow chart explaining the data generation processing for authentication of the certification data verification equipment of drawing 1.
[Drawing 4] It is a flow chart explaining certification data generation processing of the certification data generation equipment of drawing 1.
[Drawing 5] It is the block diagram showing the auxiliary information generation equipment for certification which generates the ticket used for generation of the certification data of drawing 1.
[Drawing 6] It is drawing explaining generation of the ticket used for generation of the certification data of drawing 1.

[Description of Notations]

10 Certification Data Generation Equipment
11 User Proper Information Storage Section
12 Frequency Information Attaching Part
13 Access Ticket Storage Section
14 Data Input Section for Authentication
15 Use Conditional-Judgment Section
16 Certification Data Generation Output Section
20 Certification Data Verification Equipment
21 Data Generation Section for Authentication
22 Certification Data Verification Section
23 Random-Number Attaching Part
30 Auxiliary Information Generation Equipment for Certification
32 1st Use Condition Information Storage Section
33 1st Decode Key Storage Section
34 User Proper Information Storage Section
35 2nd Use Condition Storage Section
36 1st Ticket Generation Section
37 2nd Key Generation Section
38 Encryption Section
39 2nd Ticket Generation Section
40 Ticket Output Section
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m-m-tiy h^^mtbxmLTz^mtmmsh Km-^nmmT~^o:>iEmmmt^cticx d 

m^y hmimt^^3(o:x7-'yft. ±E::i-^(07^-^xMmmmt^7^-bmm& 

^mmmLtcwzmmmmtKnLx. m so ^^mic^^^^x. 



±m z comm'^wntmrji^fp.z mmmm^ 

m-y h^lBlit5M4©tB1iXT-y:/fc, 

±1311 4 ©iBiixr y fx-mtntztrnm z mm^ 



5 

±EW. 1 (ommmmmmt. ±m^ i ommmm 

m. 

[0 0 0 1 ] 
[0 0 0 2] 

[0 0 0 3] (:0J:3ftK*lg^¥!jffl-r5cifc<i;t3, SS 

p°ptLT. ^Jx.(fR a i n b ow Technolog 
i e s , Inc. |±6D SentinelSuperPr 
o (MS) ^.Aladdin Knowledge 
Systems L t d. ?±(DH A S P CS^) 

[0 0 0 4] cne-osffim a— ifiTD^siiiii, y 

[0 0 0 5] iineoS'fS^. 7:^'j^r-i/3y:/D>^ 



(4) 1 1 -3 2 0 3 7 

6 

[0 0 0 6] i:©J:^=S:!|^*t1-51J£*gMJfflfg 

[0 0 0 7] a>^ 1 mm-^fit. a-+f'©=ssE^^i- 

[0 0 0 8] (2)^2cD:^^m yn^^~^AfMta7 

^yzj<z\mMm^)i.^^o ryy-^-— >Hi>§ 

[0 0 0 9] LA-'b, CtlS©i/^-rn(0^£fe, 

[0 0 1 0] ^ 1 mm'^^. itxif=7mm\t. 

20 mmmti^m%<Dx. yti^yht^mmji^-i'y^m 

5o 

[0 0 11] )[t^fc^§a-+fA^^®(DJi^. 7ni?7 

[0 0 12] %2<0imym. ^lO^SOl^cDJ; 

<^:^*\ jS^t. a-WJfflt57yU'y-— >a>(0 

[0 0 13] L:©|iJ|^(^yni''7AfM«:&ifn.-+f'^ 

[0 0 14] tuai©j;dte:, Mm{iM-K>>x7tcM 
1 it A b /c4f;il7-:i- If tcSBflJt § BWff^h U-d 

X. -/u^^yLmii^-y hu-i^^irbxmicm 
tictti^x'^^otMmmc. mmmmm^^^- 

[0 0 15] ^P^^7AfM«a. ^.-^'(D^ll^mpi 
7y'J'y— >3>$^^:M*5A-K■^x7^- 
^«X h «y Lxm^mtum^t. mmm:2 

[0 0 16] tft, =L~mmm^7yu^~y3y 

^^It § gfi: K "i? X 7 L % ttntJ * & J5; t ^ 

[0 0 17] :i—tl'~!!)^^S77'J -5^-^X3 y^^^^fct.^ 
50 fcLTfe, MiEII*m5n?cA-K>?x7A^S<ST' 



(5) 
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[0 0 18] cmmmm^mtLx. mmx 

0 8-0 6 207 6^. MtE^m) o 
[0 0 19] i|tM¥08-0 62 07 6#oaiim 

^%iffibT43ttaYtyJ:dtcUTV^§o 10 
[0 0 2 0] T'^^X^-'r^vhli. mo:i—^(Om 

[0 0 2 U LfcA^otn— f a;&?>A^i;46a^1t^S% 20 

[0 0 2 2] i:©Sffi^ffli/^T. r/'J-y— >3yyD 

[0 0 2 3] tM-rSa-tft;:. a^+f§Kgfd:5@W 
ftyn i'"^ Aff fiSi^(i;7 ^ -bX^^gmoWKlS^rffl 

7i'-tx^^7h^il«t1-So 
[002 4] i:(5DJ;5:S:-9— ex«:#^ft^^, 

[0 0 2 5] ilC^-I', C<DXoiiru^'yL<Dmm 

®/^-?xX (purchase) : mmm^'t^ 



1 1-32037 
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©■^^./^-•a-x (pay-pe r-use) : ?ij 

fSn^yh (rent) : -^fflKOfiJffl^S^IIXtSc 
[0 0 2 6] t?]i«)1^ll¥ 0 8-06 2 0 7 6^08*15 

[0 0 2 7] • • a-XK^l/^Ttt. ^iJffltS 

i-fr-j yw^mm\t i w^<n^>m%m7'7'<i7.=f->Tv 

[0 0 2 8] Ci^KJStWLTti. 3|sWliAa?iJfflM® 

mmbxh^^ mm^o 8-191755^, jm* 

0 #^¥0 8- 1 9 1 7 5 6^<73fiST1i. ^fH 
¥0 8-0 6 2 0 7 6^tc?iJfflf)fiPfrff8^#AL. m 

mmmmm. mim^m. mmmm^ 
[0 0 2 9] mmmtimmmm(D^-tm. uy 
[0 0 3 0] i^rammwmmmmmm^t\,^ 

5mx\ • • a--xtcSi/«^^igtS<: 

[0 0 3 1] oSf3#S¥0 8-l 9 1 7 5 6^£0¥S 
MaEbft1t?lJC)MI^^-9'xX. • y-^- • ^ 
-Xfc j: U-^ 1 5 t t!S:5„ 

[0 0 3 2] 3^a(7):^)4K:-ov^Tf mo 
;!itei:LT«, J^T0 20*^#^e>nSc 
[0 0 3 3] ^^^y Vmimct^koli^ : h 

[0 0 3 4] ©/U-^^ FT-m^^S : n.-tf'^'i^fe 

xm. mxmmmmi^. ^u-^^ka^s+i^i- 

[0035] !|tM¥0 8 - 1 9 17 5 ^^<r)wmm^ 

5t, Qii-T^vmjmtm.^mx. m&hmm 
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[0 0 3 6] fw. ©yiM^- vT-mdmr-ii. ^ 

[0 0 3 7] LA^L, ©-/'J-^^KTS^JAa^iST, 
[0 0 3 8] /^-^xXtCMLTti. liJfflWmr^iJ 

^mLXh^^:r')^-( Y^mt^^^imtLx. mm 

^'LT. 'm.t^X\>-^m\ai'f^)^4 K1f$SA^6§lt 

tea. I cA-FtoiBiigiA^^je-r^iitK^t), $p 

[0 0 3 9] I'ybco^^t, fiJfflWt^ttl.^^;!/ 

w^>L-^mm^m,hx^%. i^-^i-^xtm.m'^ 

\zii~Y<m>mmp^'m^xLiL\^im. mom 
mmmx'mi,^ 

[0040] 

[%^!b^Sl!*LJ;5i:-r5i!|!S] mmii. J-X±©Ae 

7^at:}oV^T^., lIB^x-^ra^SH (I C;b-F) 

[0 0 4 1] 

[i!i®^/'Mt5/cfe«^gj] 

MmmmcML. m^mmmnix^^bm 
mmmm t . mmw^ t m^ttsmmmmm 



(6) it^^flY 1 1 -3 20 3 7 

10 

mmwmmii. it^mmmmm^cis^^'xm 
r\^^^m::^-^mmntiz.mmmmLxti 

10 mmt. lEM.mmm'ity Hmmf)''^. a 

[ 0 0 4 2 ] OS i3 . a^cDliEB^fflffilififg-b 7 b (7 
20 ^•bX9^^7 h) T'fe§^ 1 OOTfl!»iffK-t:7 

i'^mtLxm^mmmmm 7 ^ mmix^ 
46©B2^)ip^ffl»tig-b7f^fflv^T, mmmm 

[004 3] c(Oi^om&t^ctiz^i), mmm 

^bxmitu ^mttntc^'ry Ymmtt^tz 
30 ibo^^-jh (^zmmmmm-'y h) mn 

tx\ ±i^tLx:fv-<.^ Yicmf^A-^j:xm(D 

[0 0 4 4] uymma. cniauxxmz<Dmm^ 
mmm 7 h (ommmmLmmmmmim 

[0 0 4 5] ^mti^tz^^"^ vmmtt^ 
mn<o^^yY<Dmmmtmmmw?^o 

[00 4 6] 

mmmmm] &.r. zmmoymmmc-D^^x 
mmt^o 

[0 0 4 7] 0 1 itz(Dmm\(omm^^^t. <:©^ 
jfL, =t<ofv^4Ywmmi^x. T^u^-v'H^ 
50 -Di^^xmrnt^o 
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[0 0 4 8] EI I m mmr-^mmr^f^m 

[0 0 4 9] *-r, 1 1 ^CS■:SV^T, *llM<Dffi^t 

Lxmu $mmmuai. mmmmct 
^Lx. mmmmmmmic. z^u^— >3 
K-o\^^xmmt^o 

[0 0 5 0] [mmmm m i mmmmm± 
wtbx^^tmx^^. cmic^^'x. tm9~^i 
^^mm 1 0 ii.:x~mHmt^ i,<Dx$, ^ , mfL\t \ 
c fi- Fo J; b \^mmwmm-^mm<mm 

T'ifeSo I C A- FWil-t fe. ttS1i*g^if oft PC* 

[0 0 5 1 ] wmT-^m^m.! otirt-wryj 

[0 0 5 2] MT-^1^|EgH2 Oti, <^,SEffl 

[0 0 5 3] T'/'jy-J'ayyo^'-^i.ti, Hg^fbS 
fC j; D r h ^nr fe D , a-1f~^S7 ^ i; ^_ 

^-'y^yfKi9vh<r>'^xiT'?ymm.x. imt 

[0 0 5 4] 1 oti, ri-sf 

@wif®iaiigi5i 1, mmmm 2. j^'-trx^ 
^■yuawi 3, m.m-^xm\ 4, fiM^^ 

[0 0 5 5] :i-^'@W1flSIH1tgp 1 I ti, a- Wis 



(7) mm- 1 1 -3 2 0 3 7 
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[00 5 6] mmmkm \ 2 Kti8=£ 
mm\^s.t\z.m>x. mimmm^x^^. si 

^J^tl 1tlI¥9-2 1 37 S^Tji^S 

[0 0 5 7] ri'-trXf^^r-y MHtasl 3ti. H«7 

'>Hy7n^^isftfi!c#. i]fcB77'jy-'>3>':^P 

TfM^tiS. 2|s:|ISifieiJm 7^'-bX9^'y7 htt, rL 
-■JfCSttlgi:, 7^'i:XH§ili(0^iit§IEt, 7 

^'•trxt«iE<07 '7^7.%.\%^w&\.mmM%'m 

[0 0 5 8] WM.m~^Xm 1 4[i. EB^x-^^ 
%m.2 0A^6>Se.n?c^lEfflT-^^&Atlt§g[i^jT 

[0 0 5 9] ?iJffl^WMg|5 1 A^J^tl/cllIffl 
30 •r-^lcmtl.7^'-bX^'^7F%7^-tXf-':r-y b 

LTV^S^U--^^' FT-5:JAa<D(C£i3T!/^5*\ 

[0 0 6 0] m\T-mmM\m. %mmr\ 

LTtfl^l-r^o Mr-^«, fijffl|&ff!|ajmgl5i ST'iR 
40 (3 m LftT ^ -b X^^ •> h 4>©fiElfflTO'i^ t s 

[0 06 1] :^tc, mmmix. ■^^mmicmm 
^ FA^5^it^t*n§Mtcoi.^Tis^0^-r.Sc 

[0 0 6 2] 02 (i. 1 ] OliJSatCfH^^WttfciC^ 

[0 0 6 3] mmwmm mx\i. '^n\zm 

50 5RS A (R i V e s t-S h am i r-Ad e 1 ma 



(8) 
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I c Y<r>mits^ 6 f-^ >y h mm -^t^x 
ym. t^x<o:3.~^<ommdumox^^^>. 

[0 0 6 4] V7V^^7-<.ym. fnT^Yhtz\-^ 

7-f^)^~'y^yf^^yMtmm^mmm lo 

[0 0 6 5] 

mn ED=1 mod * (n) 

mrz.t^o\L^m^. cc-e* (n) ^u^y-^ 

Xh^s 0 (n) = (p-1) (q-1) T£So ' 

[0 0 6 6] :kic'jyh^jL7^ym. »I^SIK 

[0 0 6 7] 

[S2] K' mod n 

m^WLx. K' mmitLrc77v^~i^3y7'uir 
7 A(c, m 3 -mmm-^j^^'ji^ o \zm)LhxwMt 
5. 

[0 0 6 8] z,<D7y'}'r-yByyu^=>hmmh 

[0 0 6 9] y7h'>xr^>'m a-tf'*^6©7^' 
■trX9^^r7Mgfig3R*gttT. 30 

fcfflt^rcBi^ii CE, n) itm^tmm (d, n) 

^ }^fo^i^\mthxm^t^(Dx\ 1 MmmK-D\,^ 
xm^ttmm^Ltt^o ^ut, ^msoitis 
m^'x. 

[0070] 

[|i£3] t=D-F Cn. L, d u) 40 

tLxmmmmmtm^t^. ccxmm o 
it-mmmmx&K). -ysm^^yy^mmD 

5, SHA^if^. «1SIB|#DES (D a t a E n c 
ryption S t a n d a r d) *if§ffll/^§ C i: 

[0 0 7 1] V7h'>x7'^y^^'Ji, (t, L, n) <D 

[0 0 7 2] 7yuy-~>3y7°n^^A^ 

';^-^/3>'7aif7i>^c5^^£t/c:^giEfflr-^' (c, so 



ftr7fl¥ 1 1 -3 2 0 3 7 
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n) tmr-^^mmicm^o 

[0 0 7 3] c<Dim(omn^m3<o7v~'^-^?~hic 

^L, cium-^^'xmmt^o 
(Xr7 7"S 1 1) -.mmT-'H^mziii. -fni- 

^V-^tyk.7^^)^~y^yfu>f7ht^h. K' in 

{7.Tv7% I 2) :Mr-^r£^^a, air^* 

CXr'yyS 1 3) : C=r"K' mod n^H-g 

(XT'^ySM) : (C, n) cDia^lliEfflr-^t 
LTtPlr-^f^^^Sl 0tjMMt§o 

[0 0 7 4] ^^tc, %wf-^'mm. I o©i^tn^i 

4fc/T^U enicS^V^TSERfJr^^rSj^Sei OfDSa 

(7.r7yS2l) :l!Efflr-^rA*ii5i 4j;f). IS 
MEffiT-^f CC, n) ^SAtlfSo 

(XT7yS2 2) :?iJffl^frWBfg|5l 5ti. n^+- 
\^hX7'7'c7.=^^^)jHl'&Wmh- 7^^7.i-'r 
7h (t, L, n) -^mm. 

(XT 7 y S 2 3 ) : ^iJffl^tt^iJK^gP 1 5 ti. ffi 0 1±5 L 

ft7'?'tx=f-^'yY^<omm\. mm) m 
mmmmimmv tmmt^o 

(Xx-y7S2 4~S2 5) : V>L(D^(i, lEB^r- 
^^mtl3\6^i, Ury^S 2 6) fCitCJo 

(Xr-y^S 2 6): ^Jffl^fWJifgP 1 5ti. &mm 

umi2Kmtinx^^^mmmvmm^ m 

(xt7:/s2 6~s2 9) :w.mf~^±mmi 

[00 7 5] 

[^4] R' =C""'"" mod n 
R = C'R' mod n 

Ei4i?tt. umT—»mmt^(oit. -MR' on- 

s-rsjejgA^fes*^ -SR' oti-g*^Siifeti{i R© 

R' tRt(uWTftitTfej;v^b. -mtmLx 

[0 0 7 6] wmr—^mMm2Q<om\T~ 
muumnv^-Dx^^xmrnf^. mm^r-^^mm 

nffidut, iELi^7i'-tx^y7 h {iEUMmmm 



(9) 
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[0 0 7 7] 

R = C'R' mod n 

= C C mo d n 

= C' mod n 

= (r' K' ) ° mod n 

= (rK) mod n 

= (rK)'" mod n 

= r K 10 

[0 0 7 8] ^CT\ M-my'-mm^zzxHt, m. 

[0 0 7 9] 

[iS(6] r" R mod n 

L.tt)^X'^^o 20 

[0 0 8 0] cmm. trnT-mmmii. 

[0 0 8 1] ^xk.xWf^:<r)mi>m<y)Wm.wn^. 
[0 0 8 2] i^(c, mmwi 

[0 0 8 3] C(7)tit6%^]if5tj:«, ator^'-tx 

•feX^y-y b'\7e'-frX'r§fc*!)©S2<D7^'-feX^^r 

i:(cj;D, f}g^ft7^'-bX^y-y hA^e, ^l©7^'-{r 
[0 0 8 4] ^LTC«i:t. ^l«7i'-lrXf-^'y h 

ttsA-^xxiiigcD^^Brtitc-r-So 

[0 0 8 5] S-f. /^-^xX©ltft6*||]iL/cl/^7/ 40 

mmic. AP i^:/Dri7ht«o 

[0 0 8 6] <77'>J^r->'3>'yDy^i.AP lOy 
PT^h^tfSS^>V7S'i'x7'^>'^ii> 7'nT^?hU 

,. q,mm^WmU )Si[n,%n,=p, • q.fcUT 

[0 0 8 7] 50 



[Equation 7] $E_1 \cdot D_1 \equiv 1 \bmod \phi(n_1)$
where $\phi(n_1) = (p_1 - 1)(q_1 - 1)$

[0 0 8 8] m^vyh^3i7<ym. »g^SlK 
7'nTi'hLfcl/^77'U^— >3y^n^?^ 

mK^mrmm-:^x. \iMmE,x^mtix. k 

[00 8 9] 

[Equation 8] $K_1' = K_1^{E_1} \bmod n_1$

^LT, K.' ^sg^ftb/c7:/uy— >Hyyp^/5 
Ate. m3#As§^^cs^^3m■^^^^^J;5^i:a^6iA^■^:« 

[0 0 9 0] V7h'>x7-^>'^*'t4, mbtc (n,, 
Di. <|) (n,) ) tOS^7^?-feX^'5r>y h'ifgr-^f^ 

-xKiant^o 

[009 1] :^tc. 7U'^-r Kfti/v^-?^xX • 

% 1 mmmmmtw, \ o:>mmt:j.~^mmmt 
w. 2 ommmmt-^xti t lx. ^'u^-r kjmv^ 

3 1 11 ©?ijffl^ff«ist^ 1 (Dmmt:i~m 
mm t 2 mmmmm t ^kiitm'^x^ ^ . 
m 1 mm^rn 3 3 a, A:^gi! 3 1 A^^n/tn 
1 ©s^ii^iBiit?.gi55j-e^So ^ 1 <Dmm\t. 7 

^^m^n:^^\tLm^m (e,, n,) tcmts 

[0 0 9 2] :i-1fB^'lffEieiig|53 4 a, A^g|5 3 1 
cnti, ^-^fOlEBJlT-^'^fiE^Bi OCi§|fi*tiT 

[0 0 9 3] n-w^^^-y vm\immtm\z 

a, a-Hf'^iSiJ'r^fgut, a-^f;^,^|lJffl^#^t§7 
7°'J'y-^>ay7'n^^5AAP l*>6®;0fflbrcn, t 
V7l>'>x7'^:y5fftjll5o y7h'i?x7'^y^f 
ti. a-tf£0liJ1f$BUti-ifliW1W$gdut^m 
■^ttT'KJftTl^Sa.— if1f$gr-^'S-Xyb>S, a- 
•!f<7)iiJ!3iJ'i^Utc^jE£;tS:i— »fmif$Ed u^^^l" 
SCttCioTa— tf0Sr1f$gm Sfc (n, D. 0 
(n) ) mm:mi'X\^^7^^7.9^'V htt^gr- 

^j^'^-xA^?,, n^\zm^t^m^m. (d,, no 

[ 0 0 9 4 ] ^ 1 %m%.mm&m Z2tmz mm 
mm^mm 5 a, ^k\=^um 1 ©fUffl^iMt^ 
zmmmmtmrnt^mxh^. % 1 ©^im 



^^fctt, I ilS©?iJffl^tc||i^$n. 2i§iiiX|i|©fiJ

[0 0 9 5] ^1^^7h4^g)53 6ti, Atl$nf:M 

[0 0 9 6 ] ^ 1 ^ijffi^j^f '[f ^BIBtig[i 3 2 t ^ 1 t^H 
3 ta^-tf'@It'i^lBSaP3 4 1 h 
£fiScgP3 6t^)>6*S^iM^4 Hi, imcr^-bX 

[0 0 9 7] ^zmmmm. mi^'ry}-^]^ 

[0 0 9 8] ffg^»3 8f*. ^1^-5-7 h£^^3 6 20 
[0 0 9 9] g2^^>yhftfi)cgJ53 9a, Sf^t^SS 
[0 10 0] ^'>->y hm;^gl54 0«, Bg^ftgga 8T'B| 

fi)tgP3 9T'S^$nftS2©7^:^-b;:^9^y7 30 
[0 10 1] </'j-^'f KtAiv^-f^xx • g^-^-^ h<D 

[0 10 2] V7h'i'x7^y^ii, a-tP-A^B^^U 

hmmmt^3.-m^ rL-^^rmmmu 40 

So 

[0 10 3] (Xr7:^S3 1) : y7h^x7^y:5?' 
^Ktt^o Sfc, 7^';y-i/3y/n^7"vAAP 1 



OT, ^10^imi!Mf$gL,{J. fiJffl?4^^)WT-&

[0 10 4] 
[^9] L, = 0 

[0 10 5] 
[tl 0] L. = A 

t-r^o /b?£XAa0J.XntO^^T?feD. fc^lAti'lO 

OfSSo 

[0 10 6] (XT>y7'S 3 2) : oL-^mWimu 

(Xr-yT'SSS) : (n. D, 0 (n) ) 
LTI/^§7^-bX^^7MWfg7*-^JJ'^-XA^P,. n, 

wt£t§^io®^ii (D,. n^) mmt^o 

CXT7yS3 4) :a— t^-*UP Hc7^?-(rXt-5ft 
i6©^l®7^'-frx^'!r7 M,:&fMt§c 
[0 10 7] 

[Equation 11] $T_1 = (t_1, L_1, n_1)$
$t_1 = D_1 - F(n_1, L_1, d_u)$
(X7^'yyS3 5) :^lcr>7^-feX9^^r.y M.^Bg 

^fttsfcfetc, i2iDssnz, mzmmEz. ^ 

[0 10 8] 

[Equation 12] $n_2 = p_2 \cdot q_2$
$E_2 \cdot D_2 \equiv 1 \bmod \phi(n_2)$

$\phi(n_2) = (p_2 - 1)(q_2 - 1)$
(XT7yS3 6) ■■i^bTc^ZQiimE^T'^l 
o^r^^X^^-y h T, ^Bf^ltr^o T, m^itbk 

[0 10 9] 

mi 3] Ti' =T, mod 
(Xr'y:/S3 7) : Bg^ft$nft:7^'-lrX^'y>y M 
.' ^a— ifA^l^t5fti6©^2(D7^-bX^^7h 

[0110] 

[Equation 14] $T_2 = (t_2, L_2, n_2)$
$t_2 = D_2 - F(n_2, L_2, d_u)$
(Xx'yysss) : ( (T,' , nO , TO ^ffltc 
Lryj -^-f KJAVv^-f^xX • 7 h t LT(±l:':t 

[0 111] V7h'>x7'^y^^'ti, tii^'^^nfcT'U-^ 
'I'FJAVv^-^FxX-^^r.yh ((!■'. n^) . 



[0 112] Mc. fV^-f FtMv?-^xX -f-ir-y

[0 113] <7">J'^^' K&l/V-^-f-iX • ^^ry 

(a) 7'iM^'Kt!^W<~^xX-f^'5-<y h 

( (T,' , nO , TO §§tt|)io?ca— ifti, f-f 

Cb) ^tc, (!,■ . nO *i^^ft^«ltbTI.^5|iEi? 
f~ifmm 1 0 coilSEfflT-iS' A;^]g|3 1 4 J: 0 

ti.0 10 

CO 1 1 4] Ji^T. Mr-^S^gSl OtcfcltSjffl 

4 ©siscBigffijf as 1 2 tcti. 8 0 0 gsoy U F 
fsmmm-^nxh^itt^o cv = 8oo) 

ar-y:/S2l) : ^|Effl7^-^fA:'Jgpi 4 II 
Mr-^f (Ti' , nO ^Atlt^o 

-fCbTTi'-tJX^^r.yhfEiiglil 3^^^L. 7>!'-b 

(Xr 7 y S 2 3 ) : ?iJM^ff ^iJ^HP I 5ii. mtiih 20 

fc7^?-t:xf-^r.y hctic)?ijffl^L.t, mmmm 

(Xx'y7'S2 4) Le = 10 0, V = 8 0 0* 